Explore the growing field of 56 Penetration Testing jobs in India
Penetration Testing Specialist
Posted today
Job Viewed
Job Description
Hi Folks,
We're Hiring for the leading Manufacturing Company of Electrical Connection and Protection solutions'.
About the Company
We’re looking for people who put their innovation work to advance our success – and their own. Join an organization that ensures a more secure world through connecting and protecting our customers with inventive electrical solutions.
Experience Required- 4+ years (less experience not considered)
OSCP/OSEP CERTIFICATION REQUIRED MANDATORY. (PLS DON'T APPLY IF YOU DON'T HAVE)
About the Role
WHAT YOU WILL EXPERIENCE IN THIS POSITION:
Responsibilities
- Conduct penetration testing of host/cloud-based applications, perform network security assessments, software/firmware analysis scans, evaluate and prioritize vulnerabilities using CVSS scoring, and document findings using organization-specific reporting tools.
- Research network-related protocols for network-connected products, including Industrial Control Systems (ICS), and perform related security assessments.
- Responsible for supporting nVent’s product cybersecurity verification testing program which is aligned to the ISA/IEC 62443 4-1 Security Development Lifecycle (SDL).
- Participate in continual efforts to automate as much testing as possible.
- Creating test report documentation to provide evidence of compliance to requirement.
- Support development and maintenance of a calendar of recurring cybersecurity audits, assessments, and activities;
track to ensure owners complete activities on time. - Maintaining list of tested products in appropriate nVent tools/databases.
- Work with product development teams to fill gaps found during verification testing.
Qualifications
- Bachelor’s degree or equivalent experience in related field.
Required Skills
- Ideally 5 years of experience in Penetration Testing, Application Security, QA, Network/IoT, or Offer Testing roles.
- Familiarity with test automation scripting tools or language.
- Familiarity with daily activity planning tools such as Atlassian Jira.
- Familiarity with either Agile or Kanban work environment.
- Ability to collaborate across key functions including IT and product engineering teams.
- Familiar with industry standards and best practices.
- Good verbal and written communication skills.
- Proven experience in Embedded Product Cybersecurity testing.
- Familiarity with ISA/IEC 62443 4-1 Security Development Lifecycle (SDL) requirements.
- Familiarity with Cybersecurity testing tools such as Burp suite/ZAP, BDBA, SAST, DAST, Fuzzing, and VA tools such as Nessus or Rapid7.
- Familiarity with Microsoft Threat Modelling tool.
- Demonstrated participation in Capture the Flag (CTF) cybersecurity contests with proven rankings or achievements.
Preferred Skills
- We have a dynamic global reach with diverse operations around the world that will stretch your abilities, provide plentiful career opportunities, and allow you to make an impact every day.
- We are a $2.5 billion, high-performance electrical company with a dedicated team of 11,241 people, across more than 80 global locations.
- We have a robust portfolio of product brands dating back more than 100 years and including: nVent CADDY, ERICO, HOFFMAN, RAYCHEM, SCHROFF and TRACER.
- Commitment to strengthen communities where our employees live and work.
- We encourage and support the philanthropic activities of our employees worldwide.
- Through our nVent in Action matching program, we provide funds to nonprofit and educational organizations where our employees volunteer or donate money.
- Core values that shape our culture and drive us to deliver the best for our employees and our customers. We’re known for being:
- Innovative & adaptable.
- Dedicated to absolute integrity.
- Focused on the customer first.
- Respectful and team oriented.
- Optimistic and energizing.
- Accountable for performance.
- Benefits to support the lives of our employees.
Pay range and compensation package:
UPTO 35 LPA only
Interested candidates can share their resumes at
Also, Can call/ whatsapp at
Regards,
Gulista Shaikh
Delivery Manager-HR
Penetration Testing Specialist
Posted today
Job Viewed
Job Description
Job Title: Senior Consultant – VAPT
Location: Mumbai, India
Experience: Minimum 3 Years
Job Type: Full-Time
Department: Cybersecurity / Information Security
Job Summary:
We are looking for a highly skilled and motivated Senior Consultant – VAPT to join our cybersecurity team in Mumbai. The ideal candidate will have a solid background in Vulnerability Assessment and Penetration Testing (VAPT) across web applications, mobile applications, infrastructure, and cloud environments. You will be responsible for conducting security assessments, identifying vulnerabilities, and providing actionable recommendations to improve our clients' security posture.
Key Responsibilities:
- Conduct end-to-end VAPT on:
- Web applications
- Mobile applications (Android/iOS)
- Internal and external networks
- Cloud environments (AWS, Azure, GCP)
- APIs and IoT devices (as applicable)
- Perform manual and automated security testing using industry-standard tools (e.G., Burp Suite, Nmap, Metasploit, Nessus, Nikto, etc.)
- Simulate real-world cyberattacks to uncover security weaknesses.
- Prepare detailed vulnerability assessment reports , risk analysis, and executive summaries for technical and non-technical stakeholders.
- Collaborate with clients to remediate identified vulnerabilities and re-test fixes as necessary.
- Stay updated on the latest security threats, vulnerabilities, tools, and best practices.
- Assist in developing security testing methodologies and improve internal testing frameworks.
- Mentor junior team members and support in training activities when required.
- Support pre-sales and proposal writing with technical inputs and scope definition when required.
Required Skills & Qualifications:
- Minimum 3 years of hands-on experience in VAPT roles.
- Strong knowledge of OWASP Top 10, SANS Top 25, and MITRE ATT&CK Framework.
- Experience in using tools such as:
- Burp Suite Pro, OWASP ZAP
- Kali Linux toolset (e.G., Nmap, Nikto, Hydra, SQLMap)
- Metasploit, Nessus, Nexpose, Qualys, Acunetix, etc.
- Good understanding of secure coding practices and common application/infrastructure vulnerabilities.
- Familiarity with scripting languages (Python, Bash, PowerShell) for custom tools or automation is a plus.
- Certifications such as OSCP, CEH, eCPPT, CRTP, or equivalent is highly desirable.
- Strong communication and documentation skills.
- Ability to work independently and in a team environment.
- Willingness to travel for on-site assessments if required.
Preferred Qualifications:
- Experience in Red Teaming or Purple Teaming engagements.
- Exposure to DevSecOps , CI/CD pipelines, or Secure SDLC processes.
- Experience with cloud security testing (AWS, Azure, GCP).
- Knowledge of regulatory frameworks (PCI-DSS, ISO 27001, NIST, etc.)
Penetration Testing Lead
Posted today
Job Viewed
Job Description
About Claranet
Founded at the beginning of the dot.Com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.
At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.
We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.
In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.
Working For Claranet
Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app supported benefit access.
But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee’s fundraising efforts.
Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce. We are also very proud members of Tech Talent Charter, a government supported, industry-led membership group created to address the UK’s tech talent shortage and diversity gap through collective action.
Our Vision
Our vision is to become the most trusted technology solutions partner;
renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.
Position Summary
The Sr. Security Consultant has responsibility for everything from client projects to development work and training, dealing with large corporate penetration testing. With a focus on large-scale corporate penetration testing, this role demands both technical excellence and strong client engagement skills. The consultant is passionate about uncovering vulnerabilities and translating findings into actionable improvements, while building strong relationships through clear communication and exceptional customer service.
Our team is growing, and we need inspiring people to join us and help us to continue to build a world leading cyber security operation whilst benefiting from the opportunity to fulfil their potential.
Based in India, this work will lead on penetration testing and have the opportunity to work on projects with worldwide clients, and will form part of our global team of penetration testers who share research, tooling, experience and collaborate freely on projects.
As a respected training provider and the leading provider of training at Black Hat conferences, our penetration testers also have the option of developing training skills and delivering security training, to both private customers, at our own events, and at leading international conferences.
Objectives and Key Results
The Sr. Security Consultant is part of the Consultancy Team and represents a trusted advisor and subject matter expert in cybersecurity.
The key objectives will be to:
- Deliver high-quality penetration testing and security assessments across web, mobile, network, and emerging technologies such as AI/LLM.
- Provide expert guidance and recommendations to clients for improving their security posture.
- Mentor and support junior consultants, helping to grow the team’s overall capabilities.
Essential Duties and Responsibilities
- Work individually or as a part of team delivering security assessments to NotSoSecure clients both remotely and onsite
- Conduct AI/LLM-specific security assessments, including:
- Prompt injection testing and jailbreaks.
- Data poisoning and model inversion attacks.
- Misuse testing for LLM-integrated applications (e.G., chatbots, copilots, RAG pipelines)
- Perform web application penetration testing, infrastructure penetration testing, code reviews and/or mobile application penetration testing
- Exploit vulnerabilities identified in client systems
- Create assessment reports explaining technical and business risk of the vulnerabilities discovered including remediation recommendations for the clients
- Communicate vulnerabilities to clients
- Manage project related tasks as per communicated deadlines
- Keep abreast with latest technology risks and utilise them in projects
- Participate in project conference calls and lead the technical content on those calls
Key Skills and Requirements
- 4+ years of experience in Information Security focussing on penetration testing
- 2+ years of client facing consulting work experience performing penetration testing
- 2+ years of work experience performing the AI/LLM penetration testing
- Strong technical skills in the areas of web application and web services penetration testing, infrastructure penetration testing and mobile apps penetration testing
- Hands-on knowledge of AI/ML fundamentals, including:
- NLP, transformers, and LLM architecture.
- Prompt engineering techniques (and bypasses).
- Common AI/ML attacks and defenses.
- Experience testing RAG (Retrieval Augmented Generation) and vector databases.
- Familiarity with frameworks like LangChain, LlamaIndex, Hugging Face.
- Experience with AI model hosting platforms (OpenAI, Anthropic, Azure OpenAI, local LLMs).
- Experience with penetration testing tools and tool suites such as Burp Suite Pro, NetSparker, Kali Linux, SQLMap, Nessus, etc
- Programming language skills such as Python, Java, .NET, C or C++ - (nice to have)
- Experience working with at least one scripting languages such as Python, Ruby, Bash, Javascript, etc.
- Operating systems skills such as Windows, Linux etc
- Excellent english language skills and ability communicate complex vulnerabilities to clients
- Spending time practicing skills on platforms such Hack The Box, Pentester Lab, Vulnhub, etc. and participating in CTF competitions
- Demonstrate high ethical standards
- Ability and Desire to travel upto 25% of the time (both nationally and globally)
Vulnerability Assessment & Penetration Testing Lead
Posted today
Job Viewed
Job Description
Your potential, unleashed.
India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond.
At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.
The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks
Your work profile.
As an Assistant Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: -
Key Responsibilities:
- Total 3+years of experience in Cyber security
- VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review
- Certification - OSCP, CRTP, CEH, EJPT
- Understanding of basic business and information technology management processes.
- Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture.
- Experience of Web Application Security Testing, Infrastructure VAPT, API testing.
- Experience on Mobile Security Pen-Testing (iOS and Android).
- Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc.
- Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc.
- Experience in basic scripting such as: Shell, Python, PERL, etc.
- Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5
Desired qualifications / Education :
· B.Tech /BE /BCA / B.Sc /M.Tech - Full time
· Candidates must possess security certification of CEH, LPT, OSCP.
· Good to have security certification for GPEN, CREST
Your role as Leader
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society.
In addition to living our purpose, Senior Executive across our organization must strive to be:
- Inspiring - Leading with integrity to build inclusion and motivation
- Committed to creating purpose - Creating a sense of vision and purpose
- Agile - Achieving high-quality results through collaboration and Team unity
- Skilled at building diverse capability - Developing diverse capabilities for the future
- Persuasive / Influencing - Persuading and influencing stakeholders
- Collaborating - Partnering to build new solutions
- Delivering value - Showing commercial acumen
- Committed to expanding business - Leveraging new business opportunities
- Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization
- Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s).
- Managing change - Responding to changing environment with resilience
- Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision
- Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems
- Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviors and attitudes to become more inclusive.
How you’ll grow
Connect for impact
Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead
You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all
At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career
At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone’s welcome… entrust your happiness to us
Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you.
Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.
*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices.
At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution.
In this regard, you may refer to a more detailed advisory given on our website at:
Vulnerability Assessment & Penetration Testing Specialist
Posted today
Job Viewed
Job Description
Department: Cybersecurity / Information Security
Location: Bangalore (On-site)
Employment Type: Full-time
Interested candidates can apply using the form below.
We’re hiring experienced professionals to join our Cybersecurity team in two key positions:
- VAPT Engineer (L2/L3) – leading advanced vulnerability assessment and penetration testing across enterprise and cloud environments.
- Information Security Lead – Managed Security Services – managing SOC operations, cloud security governance, risk management, and incident response.
Both roles demand strong technical depth, leadership maturity, and hands-on expertise in enterprise and cloud security ecosystems.
Experience: 5+ years (hands-on)
Reporting To: VAPT Lead
Certification: OSCP preferred
Mode: In-office
Key Responsibilities
- Lead penetration testing across web, mobile, cloud, and infrastructure (Black/Grey/White box).
- Perform manual and automated vulnerability assessments using tools like Burp Suite, Nessus, Metasploit, Nmap, and custom scripts.
- Conduct threat modeling, cloud environment reviews, and risk assessments for business-critical systems.
- Execute security testing on public, private, and hybrid cloud platforms (AWS, Azure, GCP).
- Document findings and provide actionable remediation recommendations.
- Collaborate with DevOps, IT, and Cloud Engineering teams to address vulnerabilities.
- Mentor junior engineers and review reports for accuracy.
- Stay updated with emerging threats, zero-days, and modern attack vectors.
- Align testing with OWASP, NIST, ISO 27001, and cloud security best practices.
- Participate in red team assessments and security audits.
Requirements
- Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field.
- Deep understanding of network protocols, OS internals (Linux/Windows), and cloud architectures.
- Strong knowledge of cloud-native security tools (AWS Security Hub, Azure Defender, etc.).
- Hands-on scripting in Python, Bash, or PowerShell.
- Familiarity with DevSecOps, CI/CD pipelines, and container security (Docker/Kubernetes).
- Experience in secure coding, exploit development, and reverse engineering.
- Certifications like OSCP, CEH, GPEN, LPT, or CISSP are highly preferred.
Experience: 8–10+ years (with 5+ in SOC Leadership)
Certification: OSCP required
Mode: In-office
Key Responsibilities
- Lead SOC operations across L1–L3 analysts, ensuring 24/7 threat monitoring.
- Drive vulnerability management, patch governance, and proactive threat mitigation.
- Manage and secure multi-cloud environments, ensuring compliance and incident readiness.
- Oversee cloud security posture management (CSPM) and identity access governance (IAM).
- Lead incident response, RCA, and recovery for major on-prem and cloud-based incidents.
- Conduct enterprise-wide risk assessments, audits, and compliance checks.
- Ensure alignment with frameworks like NIST, GDPR, HIPAA, PCI-DSS, and ISO 27001.
- Define and implement security policies, playbooks, and automation workflows for cloud and on-prem systems.
- Present dashboards, risk reports, and threat trends to executive leadership.
- Manage relationships with technology partners, MSSPs, and cloud vendors.
Requirements
- 10+ years in Information Security, with at least 5 in SOC or Managed Security leadership.
- Deep understanding of cloud architectures, workload protection, and identity management.
- Hands-on experience with SIEM/SOAR tools (Splunk, ArcSight, Cortex XSIAM, QRadar, Microsoft Sentinel).
- Expertise in threat hunting, malware analysis, endpoint security (EDR/XDR), and cloud security monitoring.
- Proficiency in tools such as WAF, DLP, Burp Suite, and Nessus.
- Strong understanding of hybrid security models and advanced persistent threat (APT) response.
- Familiarity with ITIL or service delivery frameworks is a plus.
- Certifications such as CEH, OSCP, CISSP, or relevant cloud security credentials (CCSP, AWS Security Specialty) preferred.
Interested candidates can apply using the form below.
Please select the role you’re applying for and share your details accurately.
Or Send your resume to
Security Specialist - Penetration Testing
Posted today
Job Viewed
Job Description
Penetration Testers - Junior and Senior/Lead
Location:
In Office, Ahmedabad, Gujarat, India (not remote)
Full-time
Salary: Up to ₹12.5L (1,250,000) INR per year for Senior/Lead
Must undergo background check and security clearance
Candidates must already have the right to work and live in India
About Asite
Asite’s vision is to connect people and help the world build better.
Asite’s platform enables organizations working on large capital projects to come together, plan, design, and build with seamless information sharing across the entire supply chain.
Asite SCM is our supply chain management solution, which helps owners and Tier-1 contractors to integrate and manage their extended supply chain for delivering on capital projects.
Asite PPM is our project portfolio management solution, which gives you and your extended supply chain shared visibility of your capital projects through one common data environment.
Together they enable organizations to build digital engineering teams that can deliver digital twins and just plain build better.
The company is headquartered in UK (London) and has regional offices in US (New York and Houston), UAE (Dubai), Australia (Sydney), China (Hong Kong) and India (Ahmedabad).
Job Summary:
We are seeking two Penetration Testers - Junior and Senior/Lead - to join our team of security professionals.
As a senior/lead penetration tester, you will be responsible for conducting comprehensive penetration testing on web applications, mobile and desktop apps, APIs, infrastructure, and other systems such as IoT devices.
You will utilize your expertise in threat modelling, automation of testing, and advanced techniques to identify vulnerabilities and provide actionable recommendations to improve the overall security posture of Asite SDLC and systems.
You will manage a small team that you also must mentor and guide in the best practices and help grow at both professional and managerial level.
You’ll report to the Information Security Officer ME & APAC based in India) and to the CISO (based in London)
You must have a passion for knowledge sharing and continuous learning.
You are willing to undergo background checks and Security Clearance.
Key Responsibilities:
- Conduct thorough threat modelling, risk assessments and vulnerability scanning of web applications, mobile and desktop apps, APIs, infrastructure, and other systems
- Identify and exploit vulnerabilities using various penetration testing tools, techniques, and methodologies – PTES, NIST 800-115, OWASP
- Develop and maintain a comprehensive understanding of systems, including architecture, design patterns, and application logic
- Design and implement effective threat models to identify potential entry points for attackers using STRIDE and OWASP ASVS
- Automate testing using tools and integrating them such as vulnerability scanners, SAST, DAST, SCA and other relevant technologies including
- Collaborate with external penetration testing companies and clients to digest and review the risk of reports back to clients within their security requirements, provide recommendations to implement fixes to address identified vulnerabilities to internal stakeholders
- Stay up to date with the latest threats, vulnerabilities, red teaming, and penetration testing techniques through ongoing training and professional development
- Manage and mentor a team of juniors and interns.
Requirements:
7+ years of experience in penetration testing, with a strong focus on web applications, mobile and desktop apps, APIs, and infrastructure testing.
Willing to undergo background checks and security clearance.
Good level of Indi and English both spoken or written to a bilingual or at least Professional level, other languages at a bilingual/Professional level such as Arabic, Mandarin, French or German highly preferred.
Experience with cloud-based infrastructure and services - AWS, Azure, Google Cloud – containers, k8s and virtual machines.
Proven expertise in threat modelling, automation of testing, and advanced techniques (e.G., exploit development, reverse engineering)
OSCP or similar certification, GIAC Penetration Tester a plus
Strong knowledge of web application security frameworks, such as OWASP
Familiarity with mobile app security testing tools and techniques
Experience with desktop application security testing, including reverse engineering and exploit development
In-depth understanding of API security testing, including protocol analysis and exploitation.
Strong networking fundamentals, including TCP/IP, DNS, DHCP, BGP, etc.
Proficiency in scripting languages, such as Python, Ruby, PowerShell
Experience with agile development methodologies and collaboration tools like JIRA and their integrations
Excellent communication, problem-solving, and analytical skills
Nice to Have:
Familiarity with DevOps practices and security orchestration, automation, and monitoring (SOAM) tools
Knowledge of containerization technologies (e.G., Docker) and container-based vulnerability testing
Experience with OWASP ASVS and similar frameworks
Knowledge of machine learning models and associated security issues at the implementation and bypassing security restrictions.
Using API’s to automate work and systems along with reporting.
What We Offer:
Competitive salary and benefits package.
Opportunities for professional growth and development in a fast-paced and innovative environment
Collaborative team culture that values open communication, mutual respect, and teamwork
Access to cutting-edge security technologies and tools
Flexible work arrangements, including remote work options
If you are a motivated and experienced penetration tester looking for new challenges and opportunities, we encourage you to apply!
Join and help build a better, more efficient, safer and more secure world.
Security Specialist - Penetration Testing
Posted today
Job Viewed
Job Description
Job Purpose
As a Senior Penetration Tester, your primary role is to assess and enhance the security of our information systems, networks, and applications through comprehensive penetration testing and vulnerability assessments. You will work closely with our internal product teams to identify weaknesses in their systems and provide actionable recommendations for improvement. Your expertise will help safeguard sensitive data and protect our customers from potential cyber threats. Additionally, you will be responsible for coordinating penetration tests with third-party vendors when required.
Duties and Responsibilities
o Conduct penetration tests on a wide range of digital products, including networks, web, and mobile applications, to identify vulnerabilities and security weaknesses.
o Collaborate with internal product teams to understand their set-ups, goals, and constraints.
o Effectively communicate findings and solutions to technical and non-technical stakeholders.
o Prepare detailed and clear reports documenting findings, reproduce steps, and recommended remediation steps, ensuring the internal product teams understand the security implications.
o Work with cross-functional teams, including security engineers and developers to help them to implement security measures and resolve identified vulnerabilities.
o When your schedule is constrained, coordinate, and manage penetration tests with third-party vendors, ensuring high-quality and timely delivery.
o Contribute to the development and improvement of our testing methodologies, processes, and tools.
o Stay up to date with the latest threats, vulnerabilities, and exploits and develop new testing techniques as necessary.
o Conduct security tests based on products security requirements.
o
Authorities
o Authorized to conduct penetration tests and security tests on selected digital products.
o Authorized to make recommendations for remediation actions based on test results.
o Authorized to engage with internal product teams to discuss findings and recommendations.
o Authorized to coordinate and manage penetration tests with third-party vendors if needed.
Qualifications
o Bachelor’s degree in computer science/engineering, information security, or a related field.
o Proven experience in penetration testing, vulnerability assessment, and security testing with a minimum of 8 years in a similar role.
o Proven track record of conducting successful penetration tests for a variety of organizations and industries.
o Industry-recognized certifications such as Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN) certifications, or similar qualifications are highly desirable.
o Demonstrated experience in vulnerability research (e.G., CVEs) is a plus.
o Experience in designing, developing, and executing customized penetration testing methodologies.
o Familiarity with various tools and frameworks used in penetration testing, such as Metasploit, Burp Suite, Nessus, Nmap etc.
o Strong knowledge of operating systems (Windows, Linux, and mobile platforms), databases, and web technologies.
o A deep understanding of common security protocols and technologies, including firewalls, intrusion detection/prevention systems, SSL/TLS.
o Programming skills and experience with languages such as Bash, Python, and PowerShell
o The ability to provide clear, comprehensive, and actionable reports on penetration test findings, including recommendations for remediation.
o Exceptional written and verbal communication skills to effectively convey technical information to both technical and non-technical stakeholders.
Be The First To Know
About the latest Penetration testing Jobs in India !
Junior Penetration Testing Engineer
Posted 2 days ago
Job Viewed
Job Description
At Amgen, if you feel like you're part of something bigger, it's because you are. Our shared mission-to serve patients living with serious illnesses-drives all that we do.
Since 1980, we've helped pioneer the world of biotech in our fight against the world's toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease- we reach millions of patients each year. As a member of the Amgen team, you'll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives.
Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you'll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.
Junior Penetration Testing Engineer
**What you will do**
Let's do this. Let's change the world. In this vital role has a strong focus on ensuring the organization's infrastructure, applications, and systems are secure from external and internal threats. This role is responsible for conducting authorized security tests on IT infrastructure to evaluate the strength of its systems against potential cyberattacks. A variety of automated tools and manual techniques are leveraged to simulate real-world attacks. The penetration tester then works with the organization to prioritize, remediate and report on identified issues, strengthening the overall security posture.
**Roles & Responsibilities:**
+ Assist in penetration testing and security assessments under the supervision of senior engineers.
+ Document findings, providing clear and actionable remediation recommendations.
+ Identify and report vulnerabilities in applications, networks, cloud environments, and infrastructure.
+ Perform hands-on exploitation techniques to validate security weaknesses.
+ Use automated security tools (e.g., Burp Suite, OWASP ZAP, Metasploit, Nmap) and manual testing techniques to identify vulnerabilities.
+ Research emerging cybersecurity threats and contribute to the improvement of penetration testing methodologies.
+ Collaborate with development and security teams to implement secure coding practices and security best practices.
+ Participate in adversarial simulations, red team and purple team exercises as part of security assessments.
+ Support security compliance efforts aligned with industry frameworks (e.g., NIST, ISO 27001, PCI-DSS).
+ Continuously learn and improve technical skills in ethical hacking, scripting, and exploit development.
**What we expect of you**
We are all different, yet we all use our unique contributions to serve patients.
Master's degree and 1 to 3 years of experience in Cybersecurity or information security operations OR
Bachelor's degree and 3 to 5 years of experience in Cybersecurity or information security operations OR
Diploma and 7 to 9 years of experience in Cybersecurity or information security operations
**Must-Have Skills:**
+ Basic knowledge of penetration testing methodologies (e.g., PTES, OWASP Testing Guide).
+ Understanding of network application security, application security, and cloud security.
+ Familiarity with OWASP Top 10, SANS Top 25, and common attack techniques.
+ Experience using security tools such as Burp Suite, Nmap, OWASP ZAP, and Metasploit.
+ Basic proficiency in scripting and automation (e.g., Python, Bash, PowerShell).
**Preferred Qualifications:**
**Good-to-Have Skills:**
+ Experience with **threat intelligence and adversary simulation** .
+ Basic knowledge of **secure coding practices** and defensive security measures.
+ Interest in **red teaming, social engineering, and cloud security testing** .
+ Preferred: eJPT (Junior Penetration Tester)
**Soft Skills:**
+ Curiosity & Continuous Learning - Passion for cybersecurity research and ethical hacking.
+ Analytical Thinking - Ability to identify patterns and security weaknesses.
+ Communication Skills - Ability to document findings and present them effectively.
+ Collaboration & Teamwork - Works well in a team-oriented environment, learning from senior testers.
+ Attention to Detail - Precision in identifying vulnerabilities and reporting them clearly.
+ Problem-Solving Mindset - Ability to analyze and troubleshoot security risks effectively.
**What you can expect of us**
As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we'll support your journey every step of the way.
In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.
**Apply now and make a lasting impact with the Amgen team.**
**careers.amgen.com**
As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease.
Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Cybersecurity Specialist - Penetration Testing
Posted today
Job Viewed
Job Description
Role Overview:
We are seeking a seasoned cybersecurity expert to lead our penetration testing efforts across various technologies. The ideal candidate will work closely with clients to provide expert guidance and recommendations to enhance their security posture.
Key Responsibilities:
- Conduct thorough penetration testing, encompassing web, mobile, network, and emerging technologies such as AI/ML
- Collaborate with clients to deliver actionable insights and tailored recommendations
- Mentor junior consultants and contribute to team growth and development
Requirements:
- 4+ years of experience in Information Security, specializing in penetration testing
- 2+ years of client-facing consulting work experience conducting penetration testing
- Demonstrated expertise in web application, infrastructure, and mobile app penetration testing
- Fundamental knowledge of AI/ML concepts, including NLP, transformers, and LLM architecture
Work Environment:
The selected candidate will be based in India and collaborate with a global team of penetration testers on international projects.
Professional Growth Opportunities:
The company offers opportunities for professional growth, including developing training skills and delivering security presentations at international conferences.
Expert Penetration Testing Specialist
Posted today
Job Viewed
Job Description
Job Title: Strategic Security Advisor
We are seeking a highly skilled Strategic Security Advisor to join our team. This individual will be responsible for delivering high-quality penetration testing and security assessments across various technologies, including web, mobile, network, and emerging technologies such as AI/LLM.
The ideal candidate will have a strong background in penetration testing, with a focus on large-scale corporate penetration testing. They should possess excellent technical skills in areas such as web application and web services penetration testing, infrastructure penetration testing, and mobile apps penetration testing.
In addition to technical expertise, the successful candidate will have excellent communication skills, enabling them to convey complex vulnerabilities to clients in a clear and concise manner. Strong problem-solving skills, a passion for uncovering vulnerabilities, and a commitment to continuous learning are also essential for this role.
If you are a motivated and experienced Security professional looking for a challenging opportunity, please submit your application.
Key Responsibilities:
- Deliver high-quality penetration testing and security assessments across web, mobile, network, and emerging technologies such as AI/LLM.
- Provide expert guidance and recommendations to clients for improving their security posture.
- Mentor and support junior consultants, helping to grow the team's overall capabilities.
Required Skills and Qualifications:
Strong technical skills in areas such as web application and web services penetration testing, infrastructure penetration testing, and mobile apps penetration testing.
Excellent technical knowledge of AI/ML fundamentals, including NLP, transformers, and LLM architecture.
Hands-on experience with penetration testing tools and tool suites such as Burp Suite Pro, NetSparker, Kali Linux, SQLMap, Nessus, etc.
Excellent English language skills and ability to communicate complex vulnerabilities to clients.
Ability and Desire to travel up to 25% of the time (both nationally and globally).
Benefits:
This is an exciting opportunity to join a dynamic team and contribute to the growth and success of the company. We offer a competitive salary package, opportunities for career advancement, and a collaborative work environment that values innovation and creativity.
If you are a passionate and experienced Security professional looking for a new challenge, we encourage you to apply for this position.
Application Instructions:
To apply for this position, please submit your resume and cover letter outlining your relevant experience and qualifications. We thank all applicants for their interest; however, only those selected for an interview will be contacted.
Thank you for your interest in this position. We look forward to reviewing your application.