36 Penetrationtesting jobs in India

We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you’ll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes.

Key Responsibilities:

• Perform manual and automated penetration testing across:
• Web Applications (based on OWASP Top 10)
• Infrastructure (external/internal IPs, firewall review, patch audits)
• Cloud Environments (basic Azure/AWS – IAM, Storage, Networking)
• Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures
• Use tools such as Burp Suite , Nmap , SQLMap , Nikto , Nessus/OpenVAS
• Write high-quality, detailed technical reports with:
• Screenshots for PoCs
• Remediation guidance
• Risk severity scoring (preferably CVSSv3 )
• Collaborate with clients to explain findings and provide actionable recommendations
• Contribute to toolchain improvements and lightweight automation (Python/Bash preferred)

Requirements

• 3–6+ years of hands-on experience in at least 2 of the following areas :
• Web Application Penetration Testing (OWASP Top 10)
• Infrastructure VAPT (internal/external, firewall, patch validation)
• Basic Cloud VAPT (AWS or Azure: IAM, Storage, Networking)
• Proficiency in:
• Manual testing techniques , fuzzing, and exploitation
• Burp Suite (Community or Pro)
• Tools like Nmap, SQLMap, Nikto, Nessus/OpenVAS
• Strong understanding of common vulnerabilities and exploitation techniques

Preferred Certifications

• CEH , eJPT , OSCP (or strong portfolio/proof of hands-on skill)
• AZ-500 or AWS Security Specialty (for cloud security exposure)

Good to Have

• Familiarity with scripting for automation (Python, Bash)
• Exposure to CVSSv3 for vulnerability scoring
• Experience with Dradis , Excel-based reporting , or similar tools

Apt Resources is hiring for our client, a leading cybersecurity services firm, seeking an experienced Senior Consultant – VAPT to join their expert team. The ideal candidate will have deep expertise in infrastructure and application security assessments, penetration testing, and a solid understanding of modern security threats and countermeasures.

• Conduct black-box and grey-box vulnerability assessments and penetration tests on system/network/cloud environments.
• Map network infrastructure, discover ports/services, and audit OS, network, and security configurations.
• Use tools like NMap, Nessus, Metasploit, Kali Linux for exploiting vulnerabilities.
• Stay current with CVEs and threat intelligence relevant to supported technologies.
• Prepare and present detailed findings and mitigation plans to clients.
• Deliver cloud infrastructure security assessments and configuration audits.
• Create and deliver comprehensive, client-specific technical reports.

• Perform vulnerability assessments of Web, Mobile, and Thick-client applications based on OWASP standards.
• Combine automated scanning with manual testing techniques to detect flaws.

• Conduct phishing and spear-phishing simulations to assess end-user security awareness.

Requirements

• Bachelor's degree in Computer Science, IT, or a related field.
• 8–10 years of hands-on experience in VAPT.
• CEH certification is required.
• OSCP or CREST certifications are a plus.
• Experience working in an MSSP (Managed Security Services Provider) environment is preferred.
• Strong understanding of Windows, Unix/Linux systems, firewalls, VPNs, and security infrastructure.

• Expertise in tools like NMap, Metasploit, Kali Linux, Nessus, NetCat, HPing, Qualys, and RetinaCS.
• Strong understanding of CVE databases, exploit development, and countermeasures.
• Familiarity with scripting languages such as C++, C#, Perl, HTML, Shell, etc.
• Knowledge of firewalls, IPS, DNS security, VLAN, web filtering, and VPNs.
• Experience with cloud security assessment across major platforms (AWS, Azure, GCP).

• Strong communication, presentation, and documentation skills.
• Ability to work independently and lead security assessments across client environments.
• Willingness to travel overseas for project deployments.
• Exposure to RFP response preparation, solution architecture, and client-facing presentations.

Benefits

Salary: Up to INR 18 LPA