Application Penetration Testing Lead
5 hours ago
Application Penetration Testing Lead
Location: Hyderabad
Mode: Hybrid
Role Overview
The Application Penetration Testing Lead will own and execute advanced application security testing across web, mobile, cloud and API platforms. This role focuses on manual penetration testing and dynamic testing methodologies to identify and remediate vulnerabilities, lead a small team of testers, and work with development and architecture teams to improve the organisations application security posture.
Key Responsibilities
- Lead and perform end-to-end penetration tests for web, mobile, cloud and API applications, including dynamic testing, exploitation, and validation of fixes.
- Plan, execute, and author high-quality pen test reports with actionable remediation steps, risk ratings, and retest guidance.
- Perform architecture and design reviews from a runtime/attack-surface perspective to inform pentest scope and high-risk areas.
- Execute dynamic application security testing (DAST) and manual verificationfocusing on runtime attack vectors and exploitability.
- Use manual testing techniques (logic flaws, business logic abuse, chained vulnerabilities) beyond automated scan coverage.
- Utilize and maintain a toolkit of offensive security tools (Burp Suite Pro, OWASP ZAP, intercepting proxies, fuzzers, scanners, Nmap, etc.).
- Conduct vendor / third-party application penetration assessments and evaluate external integrations.
- Drive remediation by working closely with developers, architects, and product teams; prioritize vulnerabilities and define risk-based SLAs for closure.
- Mentor and guide junior pentesters on methodology, reporting standards, and advanced exploitation techniques.
- Communicate findings clearly to technical and non-technical stakeholders, present executive summaries for leadership.
- Maintain knowledge of emerging attack techniques, tooling, and application-level threats; adapt test methodologies accordingly.
- Technical Expertise
- Deep, hands-on experience in manual penetration testing for web, mobile, and API applications.
- Proficient with dynamic testing methodologies and tools (Burp Suite, OWASP ZAP, proxies, fuzzers, etc.).
- Strong knowledge of common and advanced application attack vectors (OWASP Top 10, WASC, CWE), exploitation paths, and mitigations.
- Proven experience testing applications built on Java/J2EE, .NET, Python, PHP, JavaScript stacks and modern frameworks.
- Solid understanding of HTTP/HTTPS, SSL/TLS, OAuth, SAML, session management, and authentication flows.
- Familiarity with network-level reconnaissance and tooling (Nmap, Nikto) as applied to application assessments.
- Experience assessing mobile apps (iOS/Android) and APIs (REST, GraphQL) for logic and security flaws.
- Knowledge of cloud-hosted application environments (AWS/Azure/GCP) as it relates to attack surface and test planning.
- Strong scripting skills for custom exploit development and automation (Python, Bash, or similar).
Preferred Qualifications
- Certifications: OSCP, OSWE, GPEN, GWAPT, ECSA, LPT, or equivalent.
- Experience with red-team style assessments or advanced chained-exploit scenarios.
- Familiarity with pentest orchestration and scheduling in CI/CD environments (scan runners, automation, retest workflows).
- Prior experience in regulated industries (BFSI, healthcare, etc.) or client-facing consulting engagements is a plus.
-
Penetration Testing
1 week ago
Hyderabad, Telangana, India Deloitte Full time ₹ 12,00,000 - ₹ 36,00,000 per yearSummaryPosition SummarySenior Analyst - Penetration Tester (Security Testing) - Deloitte Support Services India Pvt. Ltd.Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world's largest holistic internal cybersecurity organizations? If you're interested in proactively preventing,...
-
Junior Penetration Testing Engineer
2 weeks ago
Hyderabad, Telangana, India Amgen Inc Full time ₹ 6,00,000 - ₹ 18,00,000 per yearWhat you will doIn this vital role has a strong focus on ensuring the organization's infrastructure, applications, and systems are secure from external and internal threats. This role is responsible for conducting authorized security tests on IT infrastructure to evaluate the strength of its systems against potential cyberattacks. A variety of automated...
-
Hyderabad, Telangana, India JPMorganChase Full time ₹ 10,00,000 - ₹ 25,00,000 per yearJOB DESCRIPTIONAs an Assessments & Exercises Lead in the Cyber and Tech Controls line of business, you will contribute significantly to enhancing the firm's cybersecurity posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. Design and deploy...
-
Penetration Tester-IN
3 days ago
Hyderabad, Telangana, India Genzeon Full time ₹ 12,00,000 - ₹ 36,00,000 per yearAbout GenzeonDelivering excellence in IT services and solutions for the retail and healthcare sectors. Genzeon is a leading provider of intelligent automation, security, compliance, cloud, and managed services. Our healthcare capabilities integrate data systems, facilitate information flow, and leverage interoperability to improve clinical and operational...
-
Penetration Tester
3 days ago
Hyderabad, Telangana, India Vatins Systems Full time ₹ 6,00,000 - ₹ 12,00,000 per yearMinimum of 2 years of experience with OSCP/CRTP (mandatory) in cybersecurity roles, with a strong focus on application security, including Vulnerability Assessments, Penetration Testing, and threat intelligence integration on Web and Mobile.
-
Penetration Tester
5 days ago
Hyderabad, Telangana, India Hypersoft Technologies Limited Full time ₹ 8,00,000 - ₹ 12,00,000 per yearCompany DescriptionHypersoft Technologies Limited is a publicly traded company specializing in Software Products and Professional IT Services. We are known for our expertise in financial and business application products, custom software development, and consultancy services. With a focus on delivering scalable, reliable, and secure solutions, Hypersoft...
-
Penetration tester
6 days ago
Hyderabad, Telangana, India Kyndryl Full time ₹ 2,00,00,000 - ₹ 2,50,00,000 per yearWho We AreAt Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.The RoleJoin...
-
Principal Application Security Consultant
1 week ago
Hyderabad, Telangana, India Prudent Globaltech Solutions Full time ₹ 12,00,000 - ₹ 36,00,000 per yearJob Description:Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering...
-
Principal Application Security Consultant
3 days ago
Hyderabad, Telangana, India Prudent Globaltech Solutions Full time ₹ 12,00,000 - ₹ 24,00,000 per yearPrudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security...
-
Lead-Red team
5 hours ago
Hyderabad, Telangana, India, Telangana NopalCyber Full timeAbout NopalCyberNopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and...
