Penetration Tester

About Us:

Astra is a cybersecurity SaaS company that makes otherwise chaotic pentests a breeze with its one-of-a-kind AI-led offensive Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 13,000+ security tests.

CTOs and CISOs love Astra because it helps them to achieve continuous security at scale, fix vulnerabilities in record time, and seamlessly transition from DevOps to DevSecOps with Astra's powerful CI/CD integrations.

Astra is loved by 800+ companies across 70+ countries. In 2024 Astra uncovered 2.5 million+ vulnerabilities for its customers, saving customers $110M+ in potential losses due to security vulnerabilities.

We've been awarded by the President of France Mr. François Hollande at the La French Tech program and Prime Minister of India Shri Narendra Modi at the Global Conference on Cyber Security. Loom, MamaEarth, Muthoot Finance, Canara Robeco, Dream 11, OLX Autos etc. are a few of Astra’s customers.

Role overview:

Penetration Tester I

You’ll get hands-on experience with offensive security, collaborate with top minds in the space, and play a vital role in making the internet safer. This is where curiosity meets impact.

At Astra you will be:

• Performing hacker style pentests on our customer’s applications and managing the entire pentest using our one-of-a-kind Pentest platform.
• Carrying out VA/PT for web apps, mobile apps, Cloud infrastructure, SaaS apps, network devices, open-source projects etc.
• Contributing towards building intelligence for our DAST scanner.
• Interacting with clients over remediation calls.
• Facilitating clients to map out the steps for fixing vulnerabilities.
• Maintaining our vulnerability management system.

What we are looking for:

• OSCP or CREST certified
• Strong understanding of OWASPs testing guidelines
• 2-4 years of professional experience in doing pentests on multiple assets including web apps, cloud infrastructure etc.
• Comfortable in Black Box, WhiteBox testing with capability of finding business logic vulnerabilities
• Experience directly interfacing with customers over calls & emails
• Ability to understand code in anyone programming language

Good to have:

• A few published CVE’s
• A bug bounty/CTF experience.

Benefits of being an Astra-naut:

• Embrace the cozy remote work lifestyle.
• Health Insurance cover for you and your spouse.
• Feel the startup adrenaline pumping through your veins. Revel in our open, growth-centric ambiance; it's like a digital playground.
• Dive deep into the captivating world of cybersecurity.
• And yes, get ready for some unforgettable workcations—think Chikmagalur & Jim Corbett. The previous one was at Wayanad, KL

P.s: This is a remote role. Come along if you'd like to learn, grow, and contribute in a fast-paced, hacker-led culture :)