▷ (Apply in 3 Minutes) Penetration tester II

Job Description About Astra: Astra is a cybersecurity SaaS company that makes otherwise chaotic pentests a breeze with its one-of-a-kind AI-led offensive Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 15,000+ security tests. CTOs and CISOs love Astra because it help them to achieve continuous security at scale, fix vulnerabilities in record time, and seamlessly transition from DevOps to DevSecOps with Astra's powerful CI/CD integrations. Astra is loved by 1000+ companies across 70+ countries. In 2024 Astra uncovered 2.5 million+ vulnerabilities for its customers, saving customers $110M+ in potential losses due to security vulnerabilities. We've been awarded by the President of France Mr. Franois Hollande at the La French Tech program and Prime Minister of India Shri Narendra Modi at the Global Conference on Cyber Security. Loom, MamaEarth, Muthoot Finance, Canara Robeco, Dream 11, OLX Autos etc. are a few of Astra's customers. Role overview: Ever dreamed of legally hacking into systems to make them stronger We're looking for a Penetration Tester II (Information Security Analyst II) to join our security-obsessed crew at Astra. If you're the kind of person who's curious about how systems can be broken (and loves the challenge of fixing them), this is your opportunity to turn that curiosity into real-world impact. You'll get hands-on experience with offensive security, collaborate with top minds in the space, and play a vital role in making the internet safer. This is where curiosity meets impact. At Astra you will be: - Performing hacker style pentests on our customer's applications and managing the entire pentest using our one of a kind Pentest platform. - Carrying out VA/PT for web apps, mobile apps, Cloud infrastructure, SaaS apps, network devices, open-source projects etc. - Contributing towards building intelligence for our DAST scanner. - Interacting with clients over remediation calls. - Facilitating clients to map out the steps for fixing vulnerabilities. - Maintaining our vulnerability management system. What you have: - OSCP or CREST certified - Strong understanding of OWASPs testing guidelines - 3-5 years of professional experience in doing pentests on multiple assets including web apps, cloud infrastructure etc. - Comfortable in Black Box, WhiteBox testing with capability of finding business logic vulnerabilities - Experience directly interfacing with customers over calls & emails - Able to understand code in anyone programming language Good to have: - A few published CVE's - A bug bounty/CTF experience Benefits of being an Astra-naut: - You'll own your work from day oneno micromanaging, just trust and impact. - Health Insurance cover for you and your spouse. - You'll join a team that's scaling fast but still feels like a close-knit crewthink startup energy with global reach. - You'll be surrounded by curious minds, creative thinkers, and people who genuinely care (and yes, we do have a dedicated meme channel on slack). - Dive deep into the captivating world of cybersecurity. - And yes, get ready for some unforgettable workcationsthink Chikmagalur & Jim Corbett. The previous one was at Wayanad, KL