Job
Description
Company Description Vigilant Telecom operates with tactical precision under our tagline, "Infiltrate. Expose. Neutralize." We deliver elite cybersecurity services with a clear objective: dominate the threat landscape. Our services include deep penetration testing across networks, web and mobile applications, APIs, and cloud environments. We offer cybersecurity consulting to shape resilient strategies and architectures tailored to your needs. Role Description We’re seeking a Web Application Penetration Tester to identify and exploit vulnerabilities across complex web environments. This is an on-site role in Mumbai. You’ll be responsible for assessing the security of web applications, APIs, and cloud-hosted services, simulating real-world attack scenarios, and delivering actionable insights that harden client defenses. Qualifications Experience: 2–3 years in web application security testing or offensive security roles Technical Skills: Deep understanding of OWASP Top 10, API security issues, session management, access control, and input validation flaws Hands-on experience with tools like Burp Suite, OWASP ZAP, SQLmap, Nmap, and browser-based testing plugins Knowledge of HTTP protocols, REST/GraphQL APIs, authentication mechanisms (OAuth, JWT), and web server configurations Scripting experience with Python, JavaScript, or Bash for custom testing and automation Knowledge: Familiarity with client/server-side vulnerabilities, business logic attacks, and modern frameworks (React, Angular, etc.) Experience testing Single Page Applications (SPAs) and cloud-hosted services Education: Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience/certifications (e.g., OSWE, eWPT, Burp Suite Certified Practitioner) Soft Skills Strong attention to detail with a deep analytical mindset Clear communication to explain technical issues to developers and non-technical stakeholders Passion for offensive security and continuous learning Preferred Certifications like OSWE, eWPT, or Burp Suite Certified Practitioner Experience in bug bounty programs or CTFs Exposure to DevSecOps pipelines and secure SDLC
