3,064 Penetration Tester jobs in India

Company Description

DigiFortex is an emerging Cyber Security startup recognized by the Govt. of Karnataka and Silicon India. The company is ISO 27001 certified and empanelled by CERT-In for Information Security Auditing Services. DigiFortex operates globally, focusing on Advanced Penetration Testing (VA/PT), Managed Security Services (MSSP), Security Operation Centre (SOC), and more. With a US and Bangalore presence, DigiFortex has delivered projects for Fortune 500 companies and holds 17 US patents. We leverage incident automation and Cyber Intelligence to provide comprehensive cyber security insights for our clients.

Role Description

This is a full-time, on-site role for a Penetration Tester located in Mumbai. The Penetration Tester will be responsible for performing penetration tests on various systems, conducting application security assessments, and engaging in reverse engineering. The Penetration Tester will also perform red teaming activities, analyze malware, and assess overall cybersecurity postures.

Qualifications

• Skills in Reverse Engineering, Malware Analysis
• Expertise in Application Security, API & Web Security
• Experience in Red Teaming, Cybersecurity
• Excellent analytical and problem-solving skills
• Strong communication and collaboration abilities
• Relevant certifications such as OSCP or similar advanced certification is a plus
• Bachelor's degree in Cybersecurity, Computer Science, or related field
• PT Expertise across Web, API, Cloud AD, Red Team, Mobile etc.

Location: Mumbai

Desired Experience: ~ 2 years

If you are passionate about Cloud Security Audit, Offensive Security, Penetration Testing, Security Testing, ‘How To Break Product Security’ and Ransomware Solutions and if you are want to continuously evolve yourself within dynamism of Security, please share your resume.

Email:

DigiFortex Technologies Private Limited

We are seeking an experienced and detail-oriented Penetration Tester to assess the security posture of web and mobile applications. The ideal candidate will have a strong background in ethical hacking, vulnerability assessment, and hands-on experience identifying and exploiting application-level security flaws.

Key Responsibilities:

• Perform penetration testing of web and mobile applications to identify vulnerabilities and security weaknesses.
• Conduct threat modeling and risk analysis for new and existing applications.
• Simulate real-world cyberattacks and document exploit paths.
• Prepare detailed technical reports, proof of concepts, and risk assessments.
• Work closely with development and infrastructure teams to provide remediation guidance.
• Ensure compliance with industry standards such as OWASP Top 10 , CWE/SANS , and relevant data privacy regulations.
• Conduct security assessments using both manual techniques and automated tools.
• Stay up-to-date with the latest security threats, trends, and technologies.

Requirements:

• Minimum 4 years of experience in penetration testing or ethical hacking.
• Solid experience testing web and mobile applications (Android/iOS).
• Proficiency with tools such as Burp Suite, OWASP ZAP, Metasploit, Nmap, Nikto, MobSF , etc.
• Deep understanding of web technologies (HTTP/HTTPS, APIs, authentication mechanisms).
• Familiarity with OWASP Top 10 , Mobile Top 10 , CVSS scoring, and common exploit techniques.
• Experience with manual testing techniques to complement automated tools.
• Strong knowledge of common mobile platforms and application architectures.
• Scripting skills (Python, Bash, or similar) to aid in custom testing scenarios.
• Excellent documentation, reporting, and communication skills.

Experience: MAX 5 to 12 Yrs

Location: HYD/MUM/CHN

Requirements

Education: B.E. / B. Tech/M.E. /M. Tech

Certifications, If Any: GWAPT, CEH, OSCP, SANS, CEH

Foundational Skills:

· Strong hands-on experience in conducting comprehensive manual penetration tests and source code reviews against web, API, mobile applications, services, platforms, systems, and networks to identify security vulnerabilities.

· Solid experience in using various security tools such as Invicti, SoapUI, Burp Suite Pro, Checkmarx, Kali Linux, Metasploit, etc.

· Very Good Communication & Interpersonal skills.

· Knowledge of network and Web related protocols/technologies.

· Experience with latest penetration testing techniques (e.g., web application proxies, packet capture analysis software, browser extensions, advanced penetration testing tools (full stack), Linux distributions, Windows OS, etc.).

· Experience of penetration testing on mobile platforms such as iOS, Android, and mobile device simulators.

· Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Python, Perl, Shell script, Objective-C, and SOAP/REST web APIs.

· Expert-level experience and knowledge in the following areas:

o Authentication and security protocols.

o Application session management.

o Applied cryptography.

o Common communication protocols.

o Mobile frameworks.

o Single sign-on technologies.

o Development frameworks (Angular, React, etc.).

o Exploit automation platforms.

· Knowledge of a Structured Query Language.

· Developer experience or coding background (nice-to-have).

Desired Skills:

· Experience of penetration testing and source code reviews on web, API and mobile platforms.

· Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C, and SOAP/REST web APIs.

Work Timings: 11:00 AM to 8:00 PM

Employment Type

Permanent

Closing Date

8 Sept :59pm

Job Title

Penetration Tester

Job Summary

As a Security Testing-Senior Specialist, you have a passion for security and ethical hacking and are equally motivated to build Telstra’s awareness and understanding of security policies, standards and procedures. You thrive on building a deep understanding of how best to protect the organisation's data whilst making innovative recommendations for changes and improvements. Your expertise in vulnerability assessment and penetration testing is critical to identifying and resolving security weaknesses that pose a risk to Telstra and our customers.

Job Description

Are you an Australian citizen based anywhere in Australia who wants your work to directly protect millions of Australians across families, communities, and critical services by strengthening the systems they rely on every day?

Curious, creative, and security-savvy? If so, read on.

We’re inviting applications from those who see a login screen and wonder what’s behind it (ethically, of course). If you thrive on solving complex problems, enjoy mentoring others, and love the idea of making systems stronger by testing their limits, this is the role for you.

You'll lead high-impact security assessments, shape future capabilities, and embed automation into our testing program—all while working flexibly in a team that supports you to do your best work, your way. You’ll be joining a supportive, experienced team that values knowledge-sharing, mentoring, and celebrating each other's wins.

What You’ll Be Doing

• Conducting white, grey, and black box penetration tests

• Reviewing source code to uncover hidden vulnerabilities

• Leading vulnerability assessments across systems and networks

• Driving automation and process improvements

• Mentoring team members and promoting secure coding practices

• Collaborating across teams to strengthen Telstra’s security posture

What You Bring

• 7+ years in security testing, including 3+ years in penetration testing and source code review

• Strong scripting and automation skills

• Experience with CI/CD pipelines and security tool integration

• Ability to communicate technical risks clearly to diverse stakeholders

• Industry certifications like OSCP, OSWE, CREST, CISSP, GPEN, or GWAPT are a plus

Why Telstra?

• Flexible work that works for you – remote-first, hybrid options, and genuine flexibility

• Support to grow – lead, learn, and take on new challenges with confidence

• Inclusive and collaborative culture – we value different perspectives, backgrounds, and ideas

• Purposeful work – help protect millions of Australians and build a safer digital future

• Tools that empower – access to cutting-edge tech, a smart team, and space to make an impact

Ready to make your mark?

We’re building a team as diverse as the country we protect. Don’t worry if you don’t tick every box if you’re passionate, curious, and eager to grow, we want to hear from you.

Apply today and help secure Australia—one vulnerability at a time

We're amongst the top 2% of companies globally in the CDP Global Climate Change Index 2023, being awarded an 'A' rating. If you want to work for a company that cares about sustainability, we want to hear from you.

As part of your application with Telstra, you may receive communications from us on +***

When you join our team, you become part of a welcoming and inclusive community where everyone is respected, valued and celebrated. We actively seek individuals from various backgrounds, ethnicities, genders and disabilities because we know that diversity not only strengthens our team but also enriches our work. We have zero tolerance for harassment of any kind, and we prioritise creating a workplace culture where everyone is safe and can thrive.

As part of the hiring process, all identified candidates will undergo a background check, and the results will play a role in the final decision regarding your application.

We work flexibly at Telstra. Talk to us about what flexibility means to you. When you apply, you can share your pronouns and / or any reasonable adjustments needed to take part equitably during the recruitment process.

We are aware of current limitations with our website accessibility and are working towards improving this. Should you experience any issues accessing information or the application form, and require this in an alternate format, please contact our Talent Acquisition team on *** or via the additional contact options found at ***>

Responsibilities

Our Principles

These are some of the principles that we strongly believe in, preach and actually follow as well.

Commitments

We clearly commit what we can do, by when can we do it and how we would do it, And then we do it.

Confidentiality

We are extremely paranoid about protecting the confidentiality of what we do, for whom and how we do it.

Comfortability

We ensure comfortability of you and your team with ours, which can only come from complete transparency.

Capability

We keep improving our already awesome capabilities by investing all resources at our disposal.

Penetration Tester Jobs

Penetration Tester Requirements

Penetration Tester Job Description

• Perform formal penetration tests on web-based applications, networks and computer systems
• Web application penetration testing jobs
• Conduct physical security assessments of servers, systems and network devices
• Design and create new penetration tools and tests
• Probe for vulnerabilities in web applications, fat/thin client applications and standard applications
• Pinpoint methods that attackers could use to exploit weaknesses and logic flaws
• Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
• Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
• Research, document and discuss security findings with management and IT teams
• Review and define requirements for information security solutions
• Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
• Provide feedback and verification as an organization fixes security issues

Penetration Tester Required Skills

• 7+ years of experience in security applications and systems
• 5+ years of DAST (Dynamic Application Security Training) experience
• Minimum of 5 years of demonstrated experience with automated penetration tools
• Minimum of 5 years of demonstrated experience with manual penetration testing tools
• Advanced Information Security technical skills
• Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
• Knowledge and understanding of banking or financial services industry
• Experience working in a large enterprise environment
• Strong analytical skills with high attention to detail and accuracy
• Knowledge and understanding of information security industry standards and government regulations
• Demonstrated experience developing and reviewing malicious use cases/threat models
• Ability to work weekends and holidays as needed or scheduled

Perception Perfection

CryptoMize is dedicated to ensure a prominent progress to how the world perceives you. We help you to establish your perception to the extent of perfection with our devised strategic plan and techniques.

Reputation

Sentiment

Promotional Parlance

CryptoMize introduces you to Promotional Parlance which not only promotes your cause but provides a personalized-edge. Our solutions are tailored in a strategic way that attracts the audience in a way that they are most receptive to.

Marketing

Outreach

Public Relations

CryptoMize formulates a proactive strategy to amplify your Media Outreach without compromising your reputation. CryptoMize assists you in communicating with your intended audience to achieve a global outreach.

Brand

Media

Political Catalysis

We bring efficiency to governance operations through intelligence and strategic thinking. By integrating digital approaches, CryptoMize seeks to improve Campaign Strategies and governance in general.

Politics

Consultancy

Policing Phronesis

CryptoMize, with the help of its special mix of Forensics and Consultancy, aims to handle all sorts of cyber crimes affecting your organisation and provide you with the best guidance for such situations.

Intelligence

Forensics

Privacy Enforcement

CryptoMize is driven by the belief that none of your valuable data should go unprotected. Our experts put concerted effort to preserve your privacy in order to minimize the impact of cybercrime.

Privacy

Security

What Makes Us Different?

CryptoMize offers a full spectrum of elite services derived with preemptive analysis and strategic planning to our clients. We work efficiently with our proficient and proactive team by utilising extraordinary tools.

Collaboration with Dignitaries

We collaborate with highly influential and prominent personalities around the world. Being transcendental and visionary has its own benefits, our supremacy of being omnipresent empowers us to command, control and maneuver information from the internet.

Powerful Team

CryptoMize is the combination of a powerful team that works on a supportive, transparent and encouraging platform. With spontaneity and dedication to the advancement of technology, we aspire to be better at what we do for people who trust us with their information and projects.

Triple-Proof Approach

We execute a triple-proof approach from conducting thorough research, developing strong strategies, to guaranteeing information security. This proves beneficial for our clients to reach their desired goal.

Our Core Values

Trust

We seek to connect and build relationships with our clients.That is our core principle of our work ethic which we fully-abide to. We works on 3 principles: Respect, Honesty and Transparency.

Reliability

Commitment is an act, not a word. We believe in delivering and living up to your expectations. We have grown into a global agency only through our commitment to deliver and our reliability factor.

Safety

We are extremely paranoid about protecting our client’s safety of what we do, for whom and how we do it. We maintain absolute non disclosure and confidentiality to ensure that nothing sensitive goes out.

Passion

Our passion generates enthusiasm for what we do and how we do it. We inspire, find creative ways and nurture ideas with passion. We strategize based on audience attention.

Innovation

We believe in innovation, change and risk taking. With technology, we reinvent ourselves. Innovation is the reason how we are able to eliminate obstacles for cultivating growth.

Excellence

We ensure to maintain your eminence by reinventing ourselves with our core values that inspire excellence. We strive for quality in everything we do.

OUR PRESENCE

Our Journey So Far

Successfully establishing ourselves globally in 3+ continents.

Giving us an edge over everyone else who is trying to solve similar problems.

Serving great value to our clients since the past decade.

Our Vision

In the days of yore, gathering intelligence was a matter of sending out spies. Today the world has changed, and intelligence is as much about technology as it is about people. We are redefining what it means to truly protect you and your business. From network security, to cloud recovery, to data recovery, CryptoMize focuses on your technology’s vulnerabilities so you can avoid pitfalls and stay ahead.