5.0 - 7.0 years

0 Lacs

bengaluru, karnataka, india

On-site

Summary: We are seeking a skilled and detail-oriented Application Security Penetration Tester to join our cybersecurity team. The primary goal of this role is to ensure secure software delivery by planning, executing, and documenting penetration tests on enterprise applications, identifying vulnerabilities, and supporting remediation efforts. Experience: 5+ years Main Responsibilities: As a Penetration Tester, you will be responsible for conducting comprehensive security assessments across various applications. Preparatory Phase: Conduct kick-off meetings with application owners to define the scope and feasibility of penetration tests. Review functional and technical aspects of applications to prepare for testing. Deliver scope documentation and meeting minutes within defined timelines. Operational Phase: Execute penetration tests on applications to identify exploitable vulnerabilities. Analyze application security posture and provide detailed findings. Prepare and present reports and findings to stakeholders. Coordinate with development and security teams for issue resolution. Post-Operational Phase: Conduct restitution meetings to recap completed tests and their outcomes. Create detailed documentation for retesting and audit purposes. Support closure of identified issues (PTRs) and track remediation progress. Maintenance Phase: Re-evaluate and close PTRs as part of ongoing security maintenance. Contribute to efficiency improvements and automation of pentest processes. Collaborate on tooling design and documentation enhancements. Key Requirements: Security Expertise - Application security testing, Penetration testing, Vulnerability assessment, Reverse engineering Knowledge Areas - OWASP Top 10, Secure coding practices, CVSS v2.0, CVSS Calculator v4.0 Tools & Technologies - Burp Suite Professional, OWASP ZAP, Nessus, Metasploit, Linux & Windows OS Programming Skills - Scripting experience (Python, JavaScript) Certifications - OSCP, PNPT, CPT, CEPT, CCPT, eJPT / PJPT Soft Skills - Fluent English (spoken & written), Team collaboration Nice to Have: PCI-DSS auditing experience Security audits and compliance frameworks NodeJS, VueJS CEH, GWAPT certifications Fast learner, Autonomy Multicultural team experience Other Details: This position requires the delivery of pentest reports, documentation for retesting, remediation proposals, and coordination with development teams. It also involves tooling design and automation in pentest workflows. Show more Show less

Posted 2 days ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.