- Experience : 5 Years of experience.

- Job Type : Remote & Chennai.

- Notice : Immediate to Max of 30 Days.

- Work Timings : 1-10 PM IST.

- Level of Interview : 2 (1 - Internal Screening and 1 - Customer Interview).

Roles and Responsibilities :

- 5- 7 years of hands-on experience in VAPT, preferably in both application and infrastructure testing.

- Perform manual verification and risk assessment of identified vulnerabilities.

- Track and validate remediation efforts in collaboration with IT and application teams.

- Execute black-box, grey-box, and white-box penetration tests on web applications, APIs, internal systems, external networks, and mobile apps.

- Exploit vulnerabilities in controlled environments to assess real-world risks.

- Simulate advanced threat actor behaviours and pivot through environments for lateral movement analysis.

- Review application architecture and code (static/dynamic analysis) for security issues.

- Work with DevOps and engineering teams to ensure secure SDLC practices are followed.

- Conduct threat modelling and provide recommendations during design and development phases.

- Prepare detailed reports with evidence of vulnerabilities, risk ratings, exploit techniques, and remediation guidance.

- Present findings to both technical and non-technical stakeholders.

- Maintain documentation of test plans, procedures, and assessment tools.

- Solid knowledge of OWASP Top 10, SANS 25, and CVSS scoring.

- Burp Suite, Metasploit, Nmap, Wireshark, Nikto, Hydra, and SQLmap SAST/DAST platforms like Fortify or Veracode.

- Proficiency in scripting (Python, Bash, or PowerShell) to build or extend tools.

- Strong understanding of TCP/IP, firewalls, IDS/IPS, and network protocols.

- Familiarity with cloud security (AWS, Azure, or GCP).

Required Certifications (any of the following) :