Job Description

Job description Job Title: Security Consultant (Mobile & Web Application Security, Red Teaming, Phishing) Location: Navi Mumbai Experience Level:1-2 Years Job Overview: We are looking for a highly motivated Junior Security Analyst with 1-2 years of hands-on experience in Red Teaming, Mobile Application Security Testing, Web Application Security Testing, and Phishing. The selected candidate will work within our cybersecurity team to identify and help mitigate security vulnerabilities across different platforms and applications. Additionally, the role includes participation in Red Team engagements and Phishing Campaigns. Key Responsibilities: Red Teaming: Assist in conducting Red Team operations to simulate advanced persistent threats (APT) and adversary tactics, techniques, and procedures (TTPs).Collaborate with senior team members to develop realistic attack scenarios and generate actionable reports. Mobile Application Security Testing: Perform security assessments of Android and iOS applications, identifying vulnerabilities and weaknesses.Conduct manual and automated testing using industry-standard tools such as Burp Suite, MobSF, Frida, etc.Document vulnerabilities and offer remediation strategies to development teams. Web Application Security Testing: Conduct web application security testing, identifying common vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).Use tools such as OWASP ZAP, Burp Suite, and others to perform penetration testing.Prepare detailed assessment reports with actionable remediation recommendations. Phishing Campaigns: Assist in planning and executing phishing campaigns to simulate phishing attacks. Develop phishing templates and analyze user responses to gauge organizational security awareness. Provide reports and conduct training sessions to improve the organizations resilience to phishing attacks. Requirements: 1-2 years of relevant experience in Red Teaming, Mobile Application Security Testing, Web Application Security Testing, and Phishing. Familiarity with security standards and frameworks such as OWASP Top 10, SANS, NIST, etc. Proficiency with penetration testing tools such as Burp Suite, Metasploit, Nessus, MobSF, etc. Basic knowledge of scripting and programming languages (Python, Bash, etc.) is an added advantage. Understanding of phishing techniques and social engineering principles. Strong analytical and problem-solving skills with great attention to detail. Excellent verbal and written communication skills. Preferred Certifications (Not mandatory): CEH (Certified Ethical Hacker) CompTIA Pentest+ OSCP (Offensive Security Certified Professional)