Company Description Vigilant Telecom operates with tactical precision under the tagline "Infiltrate. Expose. Neutralize." They deliver elite cybersecurity services with a focus on dominating the threat landscape. The company conducts deep penetration testing across various platforms to uncover and prioritize vulnerabilities, responding fast and effectively to neutralize threats. Role Description This is a full-time on-site role in Mumbai for a Mobile Application Penetration Tester at Vigilant Telecom. In this role, you will conduct comprehensive penetration testing on mobile applications to identify and exploit vulnerabilities across Android and iOS platforms. Your responsibilities will include analyzing security weaknesses, developing proof-of-concept payloads, and supporting offensive security operations to ensure the robustness of our mobile platforms. Key Responsibilities Perform manual and automated penetration testing on iOS and Android applications Reverse engineer mobile apps to analyze logic flaws, insecure data storage, and obfuscation bypass Identify issues such as insecure authentication, broken cryptography, insecure communications, and improper platform usage Decompile APKs/IPAs, analyze source code, and craft custom payloads or exploits Assess API backends connected to mobile apps for common and chained vulnerabilities Generate technical reports with clear risk descriptions, reproduction steps, and remediation guidance Stay current with mobile security trends, new exploits, and platform-specific attack vectors Qualifications 3+ years in mobile application penetration testing or mobile security research Proficiency with tools such as MobSF, Frida, Burp Suite, objection, jadx, apktool, Cycript, and Ghidra Strong grasp of OWASP Mobile Top 10, Android/iOS internals, and mobile app architecture Strong understanding of mobile application security concepts Experience bypassing root/jailbreak detection, SSL pinning, and obfuscation Familiarity with backend/API testing and mobile-to-server communications Scripting in Python, Bash, or JavaScript for automation and dynamic testing Understanding of app store review guidelines and secure coding practices for mobile Excellent problem-solving and analytical skills Relevant certifications such as OSCP, OSCE, GMOB or equivalent Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field

Company Description Vigilant Telecom operates with tactical precision under our tagline, "Infiltrate. Expose. Neutralize." We deliver elite cybersecurity services with a clear objective: dominate the threat landscape. Our services include deep penetration testing across networks, web and mobile applications, APIs, and cloud environments. We offer cybersecurity consulting to shape resilient strategies and architectures tailored to your needs. Role Description We’re seeking a Web Application Penetration Tester to identify and exploit vulnerabilities across complex web environments. This is an on-site role in Mumbai. You’ll be responsible for assessing the security of web applications, APIs, and cloud-hosted services, simulating real-world attack scenarios, and delivering actionable insights that harden client defenses. Qualifications Experience: 2–3 years in web application security testing or offensive security roles Technical Skills: Deep understanding of OWASP Top 10, API security issues, session management, access control, and input validation flaws Hands-on experience with tools like Burp Suite, OWASP ZAP, SQLmap, Nmap, and browser-based testing plugins Knowledge of HTTP protocols, REST/GraphQL APIs, authentication mechanisms (OAuth, JWT), and web server configurations Scripting experience with Python, JavaScript, or Bash for custom testing and automation Knowledge: Familiarity with client/server-side vulnerabilities, business logic attacks, and modern frameworks (React, Angular, etc.) Experience testing Single Page Applications (SPAs) and cloud-hosted services Education: Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience/certifications (e.g., OSWE, eWPT, Burp Suite Certified Practitioner) Soft Skills Strong attention to detail with a deep analytical mindset Clear communication to explain technical issues to developers and non-technical stakeholders Passion for offensive security and continuous learning Preferred Certifications like OSWE, eWPT, or Burp Suite Certified Practitioner Experience in bug bounty programs or CTFs Exposure to DevSecOps pipelines and secure SDLC