Role: Pen Tester_Security VAT
Experience: 5+ Years
Notice: Immediate joiners
Perform manual and tool-based VAPT using Burp Suite (Proxy, Repeater,
Intruder, Scanner) and similar tools.
Identify, exploit, and explain real-world impact of OWASP Top 10
vulnerabilities, including business logic flaws.
Work with SAST and DAST tools and manually verify findings for accuracy,
exploitability, and business impact.
Use scripting (Python / Bash / JavaScript) to automate repetitive tests and
build custom security checks.
Collaborate with developers and the engineering manager to triage, prioritize,
and remediate vulnerabilities with clear, actionable guidance, while meeting
project deadlines.
Participate in secure SDLC activities — design reviews, threat modeling, and
release validations.
Analyze the impact of security fixes and ensure no regressions are introduced
into the product.
Contribute to improving security testing practices, automation, and
DevSecOps / CI-CD integration.
Stay current with the latest threats, tools, and attack techniques.
Must Have (Core Skills)
5+ years of hands-on experience in security testing (VAPT) for web
applications and APIs.
Practical expertise with Burp Suite (Proxy, Repeater, Intruder, Scanner) and
similar tools
Good understanding of OWASP Top 10 vulnerabilities with ability to identify,
exploit, and explain impact
Experience with SAST and DAST tools and ability to validate findings
manually
Hands-on experience in manual penetration testing, not just tool-based
scanning
Strong understanding of HTTP/HTTPS, cookies, sessions, authentication, and
APIs
Good to Have
Experience in ethical hacking / bug bounty / red team activities
Understanding of API security testing (REST / GraphQL), PHP-based
platforms (Adobe Commerce/Magento).
Knowledge of e-commerce security risks (payments, cart logic, price
manipulation, coupon abuse)
Exposure to DevSecOps practices (CI/CD security integration)
Pay: ₹1,800,000.00 - ₹2,500,000.00 per year
Benefits:
- Provident Fund
- Work from home
Work Location: Remote
