Mobile Application Penetration Testing
(static & dynamic analysis, jailbreak/root bypass).
API Vulnerability & Penetration Testing
(BOLA, mass assignment, parameter tampering).
Web Application Vulnerability Assessments & Exploitation
(OWASP Top 10, custom attacks).
Network Penetration Testing
(internal & external infrastructure).

Simulate
real-world attack chains
across mobile API cloud infra, including privilege escalation and data exfiltration.
Perform
reverse engineering
of mobile binaries (IPA/APK), patch protections, and bypass anti-debugging.

Team Leadership & Management

Lead and mentor the
CTR team members
on mobile, API, and web security assessments.
Review and validate penetration testing reports prepared by team members.
Review and triage reports from
external researchers
submitted through bug bounty platforms and vulnerability disclosure programs.
Provide
strategic guidance and advisory
to stakeholders on security risks, design improvements, and remediation strategies.

Security Tools & Frameworks

Proficiency with reverse engineering tools:
Ghidra, IDA Pro, Hopper, Radare2
.
Skilled in
OWASP ZAP
and aligned with
OWASP MSTG/MASVS
frameworks.
Ability to create custom tools/scripts for automation and exploit development.

Programming & Scripting Skills

Hands-on experience with:
C/C++, Objective-C, Swift, Java, Kotlin, Python
.
Ability to build custom security testing tools and automation frameworks.

API & Cloud Security

Deep knowledge of
OAuth2.0, JWT, OpenID Connect, SAML
.
Familiarity with securing
cloud-native APIs
and identifying misconfigurations.

Required Certifications:

OffSec Experienced Penetration Tester (OSEP)
Offensive Security Certified Professional (OSCP)
Red Team Operator (CRTO or equivalent)
eLearnSecurity Certified Penetration Tester eXtreme (eCPTX)
eLearnSecurity Web Application Penetration Tester eXtreme (eWPTX)
eLearnSecurity Certified Professional Penetration Tester (eCPPT)

Preferred candidate profile

10+ years of experience in
penetration testing, red teaming, and application security
.
Demonstrated ability to
evade EDR/MDM detections
in red team scenarios.
Experience in
bug bounty, vulnerability disclosure, or external researcher report validation
.
Strong communication and stakeholder advisory skills.

More Jobs at Allegis Services India

Embedded Software Engineer

hyderabad, bengaluru

2.0 - 7.0 yrs

INR 7 - 17 Lacs

iOS Developer

gurugram

7.0 - 12.0 yrs

INR 25 - 37 Lacs

Embedded Developer

hyderabad

2.0 - 6.0 yrs

INR 9 - 19 Lacs

Network Engineer - Data Center

mumbai, pune, bengaluru

4.0 - 7.0 yrs

INR 9 - 15 Lacs

Python Programmer

bengaluru

3.0 - 8.0 yrs

INR 7 - 17 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.