Only Immediate Joiner - Within 8-10 days
5+ Years
Rotational Shift
Hyderabad, IND (ONSITE)

Job Responsibilities:
• Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques.
• Application Penetration Testing (Browser-based, API, Mobile, IoT)
• Threat Modeling
• Source Code Review
• Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications.
• Perform red team exercises to determine where weaknesses exist in the client’s infrastructure and how they should be remediated.
• Organizing and delivering technical security operational briefings for both technical and non-technical audiences.
• Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics.
• Dynamic application security testing (DAST) scans on the identified targets without credentials.
• Perform credentialed DAST scans on known client URLs.
• Conduct research to identify new attack vectors.
• Review and provide feedback for all Security Artifacts.
• Play a critical role in building an AppSec program that has a wide scope and impact.
• Researching open source emerging technologies, developing required frameworks and capabilities to perform red team exercises on new technologies adopted by clients.
• Preparing and delivering clear, accurate, and concise written and oral technical reports for management.

Job specifications:

1. Qualification:
• Bachelor’s degree in Engineering or closely related coursework in technology development disciplines
• Certifications like OSCP, CEH, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN are desirable

2. Experience:
• Total Experience – 4+ years

3. Desired Skills:

Knowledge and Experience:
• Offensive Security Certified Professional (OSCP) and/or Offensive Security Certified Expert (OSCE).
• A thorough understanding of the Secure Development Life Cycle
• Have comprehensive knowledge of common vulnerabilities (e.g., OWASP Top 10), diverse application attack vectors, security testing processes, and both wired and wireless network security protocols.
• Have familiarity with common threat tactics and tools (Nmap, Metasploit, Kali Linux, Burp Suite Pro, CobaltStrike, App detective, Web Inspect, etc.).
• Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g. AWS, GCP, etc.).
• Mobile platform penetration testing tradecraft and methodologies across widely-used platforms (iOS and/or Android).
• Microservices testing

Ability to find and exploit bugs in:
• C++, Java, JavaScript, Go, and Python
• Kubernetes, AWS, GCP, or Azure
• Memory management, namespaces, cgroups, etc.
• Passion for writing code to solve problems combined with an interest in Offensive Security.
• Ability to demonstrate a strong background in one of the following languages:
  o Golang, Python, Java, JavaScript, C++, C

Job Title
Penetration Tester (5 Years)