Penetration Tester

1 month ago

Hyderabad, India Claranet Full time

**About The Role**:
**Role**

The primary function of a Penetration Tester in the Continuous Security Testing (CST) team is to continually review the customers’ defined scope for vulnerabilities, identify additional targets that should be included in the scope, and report these to the client in a timely, accurate, and comprehensive manner. Penetration Testers are also responsible for pre-engagement activities including scoping, statements of work, working with customers to determine their testing requirements and restrictions, and on boarding customers into the service.

**Essential duties & responsibilities**:
The Continuous Security Testing service is a consultant led vulnerability identification and verification service which makes use of automated vulnerability scanning along with significant manual testing against a broad scope in a continuing engagement. The purpose of the service is to continually monitor a customer’s external attack surface for new vulnerabilities, changes in the scope of the attack surface, and proactively inform customers of discovered issues along with recommended remediation; with the overall aim of reducing the lifetime of each vulnerability. Manual testing includes identification of issues which automation alone could not identify, exploitation of all issues, often chaining multiple findings together in order to determine the true impact of vulnerabilities for the customer.
- Pre-engagement activities including scoping of assessments and statements of work, and determining customer requirements and restrictions.
- On boarding customers into the service including configuration of continual scanning, and liaising with customer to resolve issues which may reduce the effectiveness of scanning.
- Monitoring of the customers’ external perimeter for changes, and proactive discovery of new targets to include within the customer’s scope.
- Manual identification and exploitation of vulnerabilities.
- Manual verification and exploitation of scanner findings.
- Detailed analysis of issues identified and exposure for the customer including proof of concept, reproduction steps, and recommended remediation.
- Communication of findings to the customer in a detailed, accurate and manageable manner both orally and through written vulnerability/scope notifications and periodic summaries.
- Assisting in the continual development of the team and service through research and development activities. This includes the development of in-house tools the implementation of tools released to the community, and design and documentation of new and existing internal systems and processes.
- Continual professional development to maintain and develop knowledge and technical competencies.
- Maintain professional technical qualifications to demonstrate competency to our clients.
- Contributing to the writing and publishing of whitepapers and advisories.
- Undertaking projects and support tasks as appropriate to the role.

**About You**:
**Position specifications**

**Essential**:

- Excellent written and spoken English including presentation, structure, spelling, and grammar. Along with experience conveying technical information in an accessible manner.
- Core computing skills including but not limited to:

- Networking fundamentals - understanding of OSI Model, TCP/IP, HTTP, DNS, SMB, SMTP and relevant tools.
- Microsoft Windows and Office proficiency along with proficiency in one or more Linux distributions.
- REST APIs, SOAP APIs, XML and JSON formats.
- Vulnerability identification and exploitation (not limited to OWASP Top 10).
- Experience with common assessment tools such as MITM proxies (e.g. Burp Suite Pro) and SQLMap.
- Good knowledge of internal and external infrastructure technologies and security assessment including but not limited to:

- Identification and exploitation of misconfigurations or known vulnerabilities in common enterprise infrastructure and services (Windows Domains, Linux servers, virtualisation, databases, switches/routers, etc).
- Windows and Linux Sandbox/Desktop Breakout.
- Knowledge of a scripting language such as Python (preferred), Ruby, PowerShell, or Bash, for the development of new, or editing existing, tools.
- Excellent time management including setting priorities and goals to complete assigned and arising tasks.

**Desirable**:

- Knowledge of Open Source Intelligence gathering techniques. Including but not limited to use of Google dorks, DNS, domain registration, certificate transparency, and other public sources of information.
- Experience with live bug bounties, particularly where automation has been implemented.
- Knowledge of security considerations in the cloud (AWS, Azure, and GCP), particularly identifying vulnerable configurations through management and API access along with exploitation of web/infrastructure vulnerabilities specific to cloud environments.

**Desirable Certifications**:

- CRT - CREST Registered Penetration Tester (or above).
- OSCP - O

  • Penetration Tester

    1 month ago

    Hyderabad, India Experian Full time

    Job DescriptionJob DescriptionPosition Overview:At Experian, we recognize the need for vigilant cybersecurity to safeguard our systems and data. As such, we are seeking a Penetration Tester to fortify our defenses and ensure our digital assets remain secure.Role Definition:The Penetration Tester is an essential part of our cybersecurity team, responsible for...

  • Penetration Tester

    1 week ago

    Nanakramguda, Hyderabad, Telangana, India VATINS SYSTEMS PVT LIMITED Full time

    **Job Description for Penetration Tester** **Position**: Penetration Tester **Location**: Hyderabad, India We have an opening for a Penetration Tester to join our team and help our development initiatives. This is a great opportunity for aspiring Penetration Tester’s to obtain practical experience and make a meaningful...

  • Penetration Tester

    2 months ago

    Hyderabad, India Experian Full time

    Job Description Job Description Position Overview: At Experian, we recognize the need for vigilant cybersecurity to safeguard our systems and data. As such, we are seeking a Penetration Tester to fortify our defenses and ensure our digital assets remain secure. Role Definition: The Penetration Tester is an essential part of our cybersecurity team,...

  • Penetration Tester

    2 months ago

    hyderabad, India Experian Full time

    Job Description Job Description Position Overview: At Experian, we recognize the need for vigilant cybersecurity to safeguard our systems and data. As such, we are seeking a Penetration Tester to fortify our defenses and ensure our digital assets remain secure. Role Definition: The Penetration Tester is an essential part of our...

  • Penetration Tester

    1 month ago

    Hyderabad, Telangana, India Experian Full time

    **Company Description** Experian unlocks the power of data to create opportunities for consumers, businesses and society. During life’s big moments - from buying a home or car, to sending a child to college, to growing a business exponentially by connecting it with new customers - we empower consumers and our clients to manage data with confidence so they...

  • Penetration Tester

    2 months ago

    hyderabad, India BreachLock Full time

    Penetration Tester    Job Overview:   We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive...

  • Penetration Tester

    2 months ago

    Hyderabad, India BreachLock Full time

    Penetration Tester  Job Overview: We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive...

  • Penetration Tester

    1 month ago

    Hyderabad, India BreachLock Full time

    Penetration TesterJob Overview:We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive security...

  • Penetration Tester

    4 weeks ago

    Hyderabad, India BreachLock Inc Full time

    Job Overview:We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive security...

  • Penetration Tester

    1 week ago

    Hyderabad, India BreachLock Inc Full time

    Job Overview: We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive security...

  • Penetration Tester

    4 weeks ago

    hyderabad, India BreachLock Inc Full time

    Job Overview:We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive security...

  • Penetration Tester

    4 weeks ago

    Hyderabad, India BreachLock Inc Full time

    Job Overview:We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive security...

  • Penetration Tester

    4 weeks ago

    Hyderabad, India BreachLock Inc Full time

    Job Overview:We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive security...

  • Associate Penetration Tester

    7 days ago

    Hyderabad, India Claranet Full time

    **About The Role**: **Department** Sec-1 is a Claranet Group Company, established since 2001 and now providing professional standard Information Security Solutions to over 600 customers across Public and Private sectors. Sec-1 Ltd’s Continuous Security Testing (CST) team is composed of highly skilled penetration testers with a real passion for improving...

  • Penetration Tester

    2 weeks ago

    Hyderabad, India BreachLock Inc Full time

    Job Overview:We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role in staying ahead of emerging threats through proactive security...

  • Junior Penetration Tester

    1 month ago

    Hyderabad, India Claranet Full time

    **About The Role**: Claranet Cyber Security is a world class business unit within Claranet, designed to give customers access to market-leading information security services spanning; training, consulting, and managed services. The penetration testing team at Claranet Cyber Security is composed of highly skilled, professional ethical hackers with a real...

  • Cst Penetration Tester

    4 weeks ago

    Hyderabad, India Claranet Full time

    **About The Role**: **Role** The primary function of the Penetration Tester in the CST team is to continually review the customers’ defined scope for vulnerabilities, identify additional targets that should be included in the scope, and report these to the client in a timely, accurate, and comprehensive manner. The Penetration Tester is also responsible...

  • Penetration Tester

    7 days ago

    Hyderabad, India NopalCyber Full time

    ·Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques.Application Penetration Testing (Browser-based, API, Mobile, IoT)Threat ModelingSource Code ReviewPerform penetration testing on web applications and APIs (internal and external) to...

  • Penetration Tester

    2 weeks ago

    hyderabad, India NopalCyber Full time

    ·        Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques.Application Penetration Testing (Browser-based, API, Mobile, IoT)Threat ModelingSource Code ReviewPerform penetration testing on web applications and APIs (internal and...

  • Penetration Tester

    2 weeks ago

    Hyderabad, India NopalCyber Full time

    ·         Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques.Application Penetration Testing (Browser-based, API, Mobile, IoT)Threat ModelingSource Code ReviewPerform penetration testing on web applications and APIs (internal and...