Ethical Hacker / Penetration Tester

3 - 8 years

9 - 14 Lacs

Posted: Just now | Platform: Naukri

Work Mode

Work from Office

Job Type

Full Time

Job Description


Position: VAPT Engineer / Penetration Tester
Domain: Application Security - ERP / SaaS
Experience: 3+ Years
Job Summary

  • We are looking for a Vulnerability Assessment & Penetration Testing (VAPT) Engineer to secure our ERP and SaaS applications.

  • The role involves identifying, exploiting, validating, and reporting security vulnerabilities across web applications, APIs, and infrastructure.

  • Ensure compliance with OWASP, NIST, and secure SDLC best practices.


Key Roles & Responsibilities

  • Penetration Testing & VAPT


    • Conduct manual and automated penetration testing on Web Applications, APIs, and ERP/SaaS platforms.

    • Perform Vulnerability Assessment (VA) and Penetration Testing (PT) using industry-standard tools and methodologies.

    • Identify, validate, and exploit vulnerabilities such as:

      • SQL Injection, XSS, CSRF

      • Authentication & Authorization flaws

      • Broken Access Control

      • Security Misconfigurations

      • API security weaknesses





  • Application & API Security


    • Perform Web Application and API Security Testing aligned with OWASP Top 10 and OWASP API Top 10.

    • Review application flows, business logic, and role-based access in ERP modules (Finance, HR, Procurement, Project, etc.).

    • Validate secure authentication, session management, and data protection mechanisms.



  • Security Tools & Techniques


    • Use and configure security tools including:


      • Burp Suite (Proxy, Repeater, Intruder, Scanner)

      • Nmap (Network & Port Scanning)

      • SQLmap (SQL Injection Detection & Exploitation)

      • Nessus (Vulnerability Scanning & Risk Assessment)

      • Kali Linux (Security Testing Environment)


    • Perform black-box, grey-box, and white-box testing.



  • Standards, Compliance & Frameworks


    • Map identified vulnerabilities to:


      • OWASP Top 10

      • NIST Security Framework


    • Support compliance and audit requirements.

    • Assist in defining security baselines and hardening guidelines for ERP/SaaS systems.



  • Reporting & Risk Management


    • Prepare detailed VAPT reports including:


      • Vulnerability description

      • Risk rating (CVSS)

      • Proof of Concept (PoC)

      • Impact analysis

      • Actionable remediation steps


    • Collaborate with development, DevOps, and product teams for fixes and re-testing.



  • Malware & Threat Analysis (Good to Have)


    • Perform basic malware analysis and suspicious activity investigation.

    • Support incident response teams during security incidents.




Technical Skills (Mandatory)

  • Penetration Testing & VAPT

  • Web Application & API Security Testing

  • OWASP Top 10 / OWASP API Top 10

  • Burp Suite

  • Nmap

  • SQLmap

  • Nessus

  • Kali Linux

  • Vulnerability Assessment (VA)

  • NIST Security Framework


Domain Preference

  • Experience securing ERP or SaaS applications is highly preferred.

  • Exposure to enterprise systems, multi-tenant SaaS, and role-based access control (RBAC) is a plus.


Soft Skills

  • Strong analytical and problem-solving skills.

  • Ability to communicate security risks to non-technical stakeholders.

  • Excellent documentation and reporting skills.

  • Collaborative mindset with developers and product teams.


Ideal Candidate Profile

  • 3+ years of hands-on experience in Application Security / VAPT.

  • Strong understanding of attack vectors, exploitation techniques, and remediation.

  • Experience working in product-based ERP or SaaS environments.

