Job Title: Penetration Tester
Job Description – Responsibilities:
• Perform VAPT for web applications, APIs, mobile applications, and networks
• Identify security vulnerabilities and assess business risk impact
• Conduct manual and tool-based security testing
• Use security tools such as Burp Suite, Nmap, Nessus, Postman, Metasploit, Wireshark,
SQLMap, ZAP/Acunetix
• Apply OWASP Top 10, SANS Top 25, and secure coding principles during testing
• Support cloud security reviews on AWS and GCP (IAM, VPC, Security Groups, S3, etc.)
• Assist in threat modelling and secure design reviews
• Review authentication mechanisms including JWT, OAuth, and SAML
• Support Secure SDLC and integrate security into CI/CD pipelines
• Prepare clear, structured, and risk-based security assessment reports
• Work collaboratively with engineering, DevOps, and security teams for remediation
• Support compliance-related security activities for RBI and ISO 27001
• Track remediation progress and perform re-testing where required.
Experience Required:
• 1–3 years of experience in Penetration Testing / Application Security / VAPT
Skills Required:
• Strong analytical and problem-solving abilities
• Excellent written and verbal communication skills
• Ability to clearly explain technical security issues to non-technical stakeholders
• Collaborative team player with a positive working attitude
• High attention to detail with a quality-focused mindset