Job Title: Cyber Security Analyst (Web Application Security & Penetration Testing)
Location: Varanasi, Uttar Pradesh (On-site)
Employment Type: Full-time
Experience: 1–4 Years
Salary: Competitive (Based on Skills & Experience)
Job Summary
We are looking for a Cyber Security Analyst who is passionate about identifying and fixing security vulnerabilities in web applications and network infrastructure. The ideal candidate should have hands-on experience in Web Application Penetration Testing (WAPT), SQL Injection testing, network traffic analysis using Wireshark, vulnerability assessment, and secure coding practices.
The candidate will work closely with our development team to identify security flaws, perform penetration testing, recommend remediation strategies, and improve the overall security posture of our applications and infrastructure.
Key Responsibilities
Perform Web Application Penetration Testing (WAPT).
Identify and exploit vulnerabilities such as:
SQL Injection (SQLi)
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
Remote Code Execution (RCE)
Command Injection
File Upload Vulnerabilities
Authentication & Authorization Issues
Session Management Issues
Broken Access Control
Insecure Direct Object References (IDOR)
SSRF
XXE
Security Misconfigurations
Conduct Vulnerability Assessment and Penetration Testing (VAPT).
Analyze HTTP requests and responses.
Perform API Security Testing (REST APIs, JWT, OAuth).
Capture and analyze network traffic using Wireshark.
Perform packet analysis to identify malicious traffic and network anomalies.
Use Burp Suite for manual security testing.
Validate security findings and provide proof-of-concept demonstrations.
Prepare detailed vulnerability reports with risk ratings and remediation steps.
Collaborate with developers to fix identified vulnerabilities.
Perform secure configuration reviews of Linux servers and web servers.
Verify fixes after remediation and conduct regression security testing.
Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques.
Required Technical Skills
Web Security
SQL Injection
Blind SQL Injection
XSS
CSRF
SSRF
XXE
IDOR
Authentication Bypass
Session Hijacking
Cookie Security
Security Headers
OWASP Top 10
Tools
Burp Suite
Wireshark
OWASP ZAP
Nmap
Metasploit (Basic)
Nikto
Gobuster / Dirsearch
sqlmap
ffuf
Postman
Linux Terminal
Networking
TCP/IP
HTTP/HTTPS
DNS
SSL/TLS
Firewalls
VPN
Packet Analysis
Network Troubleshooting
Operating Systems
Linux (Ubuntu, Kali Linux)
Windows
Databases
MySQL
PostgreSQL
Microsoft SQL Server
Programming Knowledge (Preferred)
PHP
Laravel
JavaScript
Python (Basic Scripting)
SQL
Preferred Qualifications
Bachelor's degree in Computer Science, Information Security, or related field.
CEH, eJPT, PNPT, Security+, or similar cybersecurity certifications are preferred but not mandatory.
Experience with bug bounty or Capture The Flag (CTF) platforms is a plus.
Strong analytical and problem-solving skills.
Good report writing and communication skills.
Nice to Have
Experience securing Laravel or PHP applications.
API Penetration Testing experience.
Linux server hardening.
Basic cloud security (AWS, Azure, GCP).
SIEM knowledge.
IDS/IPS concepts.
Docker security.
Git/GitHub familiarity.
What We Offer
Opportunity to work on real-world web application security projects.
Hands-on penetration testing assignments.
Exposure to modern cybersecurity tools and technologies.
Professional growth and continuous learning opportunities.
Collaborative and security-focused work environment.
How to Apply
Contact Person : Himanshu
Contact Number : 9151828241 (Whatsapp)
Plz call after 6pm (monday to friday)
Job Type: Full-time
Pay: ₹30,000.00 - ₹70,000.00 per month
Benefits:
- Commuter assistance
- Internet reimbursement
- Provident Fund
Work Location: In person