This dynamic role combines hands-on penetration testing with prototype tool development, giving you exposure to cutting-edge research and creation of automated testing and security data analytics tools for enterprise networks and web applications. You'll actively engage in penetration testing projects to deepen your expertise while contributing to innovative solutions that drive real-world security improvements. Ideal for a driven professional with 2-6 years of experience in a collaborative, fast-evolving environment.
Exp: 2-5 years
Location: Chennai
Key Responsibilities
- Perform comprehensive penetration tests and vulnerability assessments on systems, networks, and applications, exploiting weaknesses through manual and automated methods.
- Analyze results thoroughly, document findings, and present them clearly to technical and non-technical audiences.
- Design and execute detailed test plans, working closely with developers, administrators, and engineers to remediate vulnerabilities.
- Manage project timelines, client interactions, and deliverables while staying current on emerging threats and techniques.
- Engage in red team exercises using the MITRE ATT&CK framework, contribute to security policies, and support system hardening.
- Develop reports, interact with clients on findings and recommendations, and assist in custom projects as needed.
- Provide guidance on secure coding, configurations, and best practices to cross-functional teams.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 2-6 years of hands-on experience in penetration testing and vulnerability assessments, with emphasis on web applications, networks, and infrastructure.
- Proficiency in scripting/programming languages such as Python, Bash, or Rust.
- Expertise with tools and platforms like Kali Linux, Metasploit, Burp Suite, Nmap, and Wireshark.
- Deep knowledge of common vulnerabilities (e.g., SQL injection, XSS, buffer overflows) and mitigations, plus standards like OWASP Top 10, CVE, CWE, SANS, OSSTMM, and NIST.
- Strong analytical, creative problem-solving, and communication skills.
- Preferred: Relevant certifications such as GIAC, OSCP, OSEP, HTB, CEH, CompTIA PenTest+, CRTP, or CRTE.