Web Application Penetration Tester

Company Description

Vigilant Telecom operates with tactical precision under our tagline, "Infiltrate. Expose. Neutralize." We deliver elite cybersecurity services with a clear objective: dominate the threat landscape. Our services include deep penetration testing across networks, web and mobile applications, APIs, and cloud environments. We offer cybersecurity consulting to shape resilient strategies and architectures tailored to your needs.

Role Description

Web Application Penetration Tester

Qualifications

Experience:

• 2–3 years in web application security testing or offensive security roles

Technical Skills:

• Deep understanding of OWASP Top 10, API security issues, session management, access control, and input validation flaws
• Hands-on experience with tools like Burp Suite, OWASP ZAP, SQLmap, Nmap, and browser-based testing plugins
• Knowledge of HTTP protocols, REST/GraphQL APIs, authentication mechanisms (OAuth, JWT), and web server configurations
• Scripting experience with Python, JavaScript, or Bash for custom testing and automation

Knowledge:

• Familiarity with client/server-side vulnerabilities, business logic attacks, and modern frameworks (React, Angular, etc.)
• Experience testing Single Page Applications (SPAs) and cloud-hosted services

Education:

• Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience/certifications (e.g., OSWE, eWPT, Burp Suite Certified Practitioner)

Soft Skills

• Strong attention to detail with a deep analytical mindset
• Clear communication to explain technical issues to developers and non-technical stakeholders
• Passion for offensive security and continuous learning

Preferred

• Certifications like OSWE, eWPT, or Burp Suite Certified Practitioner
• Experience in bug bounty programs or CTFs
• Exposure to DevSecOps pipelines and secure SDLC