Cybersecurity Specialist

About the Role

We are looking for an experienced Cybersecurity Specialist to thoroughly test our SaaS product built using Laravel, Next.js, Node.js, MySQL, and MongoDB. The role involves identifying vulnerabilities, simulating real-world attacks, and ensuring our system is protected from threats such as malware, bot attacks, and data leakage.

Scope of Security Testing

The security audit will cover, but not be limited to:

• Application Security Testing – SAST, DAST, IAST, OWASP Top 10 vulnerability checks.
• API Security Testing – authentication/authorization flaws, data exposure, rate-limiting, replay attacks.
• Database Security Testing – SQL injection (MySQL), NoSQL injection (MongoDB), encryption, DB access control.
• Infrastructure & Server Security Testing – cloud configuration audit, firewall review, network security, patch management.
• Penetration Testing – external and internal testing, red team simulations.
• Malware & Bot Attack Simulation – file upload vulnerabilities, malware injection, anti-bot measures.
• Authentication & Authorization Testing – weak password attacks, MFA testing, session hijacking prevention.
• Data Leakage & Privacy Testing – PII exposure checks, GDPR/CCPA compliance, log & error masking.
• Denial of Service (DoS/DDoS) Testing – stress/load testing, application-layer DoS prevention.
• Business Logic Security Testing – abuse of workflows, race condition testing.

Key Responsibilities

• Perform comprehensive manual & automated security testing across the SaaS platform.
• Provide a detailed vulnerability assessment report with risk ratings and recommended fixes.
• Collaborate with the development team to implement security best practices.
• Re-test after fixes to ensure vulnerabilities are resolved.

Required Skills & Experience

• Proven experience in penetration testing and web application security.
• Strong knowledge of Laravel, Next.js, Node.js, MySQL, MongoDB security considerations.
• Hands-on experience with OWASP Top 10, SAST, DAST, and vulnerability scanning tools.
• Expertise in SQL injection, NoSQL injection, XSS, CSRF, RCE, SSRF, privilege escalation testing.
• Familiarity with malware analysis and bot attack prevention techniques.
• Understanding of API security, encryption, and secure data handling.
• Experience with cloud security (AWS, Azure, or similar) is a plus.
• Relevant certifications (e.g., CEH, OSCP, CISSP) preferred.

Deliverables

• Comprehensive security audit report.
• Actionable recommendations for remediation.
• Post-fix verification testing results.

Job Types: Full-time, Permanent

Pay: ₹10,523.07 - ₹67,466.61 per month

Application Question(s):

• We are looking for someone who can work from our Noida office. Will that be okay for you?
• How many years of overall experience you have??
• How many years of hands-on experience you have in penetration testing for SaaS products?
• Are you familiar with Laravel, Next.js, Node.js, MySQL, and MongoDB security considerations?
• The timings would be a regular morning shift and monday - friday office. Will that be okay for you?
• What is your CCTC?
• What is your ECTC?
• We are looking for a immediate joiners, How soon you can join with us, Once you get selected?

Expected Start Date: 25/08/2025