Application Penetration Testing Lead
2 days ago
Application Penetration Testing Lead Location: Hyderabad Mode: Hybrid Role Overview The Application Penetration Testing Lead will own and execute advanced application security testing across web, mobile, cloud and API platforms. This role focuses on manual penetration testing and dynamic testing methodologies to identify and remediate vulnerabilities, lead a small team of testers, and work with development and architecture teams to improve the organisations application security posture. Key Responsibilities Lead and perform end-to-end penetration tests for web, mobile, cloud and API applications, including dynamic testing, exploitation, and validation of fixes. Plan, execute, and author high-quality pen test reports with actionable remediation steps, risk ratings, and retest guidance. Perform architecture and design reviews from a runtime/attack-surface perspective to inform pentest scope and high-risk areas. Execute dynamic application security testing (DAST) and manual verificationfocusing on runtime attack vectors and exploitability. Use manual testing techniques (logic flaws, business logic abuse, chained vulnerabilities) beyond automated scan coverage. Utilize and maintain a toolkit of offensive security tools (Burp Suite Pro, OWASP ZAP, intercepting proxies, fuzzers, scanners, Nmap, etc.). Conduct vendor / third-party application penetration assessments and evaluate external integrations. Drive remediation by working closely with developers, architects, and product teams; prioritize vulnerabilities and define risk-based SLAs for closure. Mentor and guide junior pentesters on methodology, reporting standards, and advanced exploitation techniques. Communicate findings clearly to technical and non-technical stakeholders, present executive summaries for leadership. Maintain knowledge of emerging attack techniques, tooling, and application-level threats; adapt test methodologies accordingly. Technical Expertise Deep, hands-on experience in manual penetration testing for web, mobile, and API applications. Proficient with dynamic testing methodologies and tools (Burp Suite, OWASP ZAP, proxies, fuzzers, etc.). Strong knowledge of common and advanced application attack vectors (OWASP Top 10, WASC, CWE), exploitation paths, and mitigations. Proven experience testing applications built on Java/J2EE, .NET, Python, PHP, JavaScript stacks and modern frameworks. Solid understanding of SSL/TLS, OAuth, SAML, session management, and authentication flows. Familiarity with network-level reconnaissance and tooling (Nmap, Nikto) as applied to application assessments. Experience assessing mobile apps (iOS/Android) and APIs (REST, GraphQL) for logic and security flaws. Knowledge of cloud-hosted application environments (AWS/Azure/GCP) as it relates to attack surface and test planning. Strong scripting skills for custom exploit development and automation (Python, Bash, or similar). Preferred Qualifications Certifications: OSCP, OSWE, GPEN, GWAPT, ECSA, LPT, or equivalent. Experience with red-team style assessments or advanced chained-exploit scenarios. Familiarity with pentest orchestration and scheduling in CI/CD environments (scan runners, automation, retest workflows). Prior experience in regulated industries (BFSI, healthcare, etc.) or client-facing consulting engagements is a plus.
-
Penetration Tester
2 weeks ago
Bengaluru, India SUVIKSAN TECHNOLOGIES PRIVATE LIMITED Full timeJob Description About Organization: Suviksan Technologies is a leading technology services and consulting company, specializing in delivering innovative solutions for complex digital transformation challenges. With over 3+ years of experience managing global enterprises, we proudly serve clients across 4 countries, including India, Germany, Sweden, and the...
-
Network Penetration Testing- Kali Linux
5 days ago
Bengaluru, India Cognizant Full timeJob Description Job Description Network Penetration Testing + Kali Linux + Ethical Hacking + Exploitation + Metasploit. Key Responsibilities - Perform structured penetration testing on computer systems, networks, and applications to identify potential vulnerabilities. - Evaluate the security of both software and hardware components to ensure compliance with...
-
Penetration Tester
3 weeks ago
Hyderabad, Telangana, India, Telangana NTT DATA, Inc. Full timeYour day at NTT DATA The Penetration Tester is a seasoned subject matter expert, responsible for assessing and evaluating the security posture of the company's information systems, networks, applications and infrastructure. This role involves conducting rigorous penetration testing and ethical hacking activities to identify vulnerabilities and potential...
-
Junior Penetration Tester
2 weeks ago
India Parrot CTFs Full timeCompany Description Parrot CTFs offers modern cybersecurity training and enterprise-grade consulting through their advanced Capture the Flag (CTF) platform. This platform includes over 150 real-world challenges and vulnerable lab machines, as well as specialized tracks such as Web Exploitation, Active Directory, Digital Forensics, Cryptography, and Reverse...
-
Junior Penetration Tester
2 weeks ago
India Parrot CTFs Full timeCompany DescriptionParrot CTFs offers modern cybersecurity training and enterprise-grade consulting through their advanced Capture the Flag (CTF) platform. This platform includes over 150 real-world challenges and vulnerable lab machines, as well as specialized tracks such as Web Exploitation, Active Directory, Digital Forensics, Cryptography, and Reverse...
-
Application Security Engineer
2 days ago
india QuEST Global Services Pte. Ltd Full timeQuest Global is an organization at the forefront of innovation and one of the world’s fastest growing engineering services firms with deep domain knowledge and recognized expertise in the top OEMs across seven industries. We are a twenty-five-year-old company on a journey to becoming a centenary one, driven by aspiration, hunger and humility. We are...
-
Senior Android Penetration Tester
21 hours ago
Chennai, India Dminds Solutions Inc. Full timeJob Description Job Title: Senior Android Penetration Tester Location: Remote Employment Type: Contract Experience Level: 10+ years (with specialization in Mobile Security) Looking for Immediate Joiners Only Role Overview We are seeking a highly skilled Senior Android Penetration Tester to lead advanced mobile application security testing and vulnerability...
-
Bengaluru, India Dicetek LLC Full timeJob Description Reporting VP, Cybersecurity Assessment Lead-Manager Key Responsibilities Job Description / Key Responsibilities - Security Testing: - Conduct security assessments and penetration testing on web, mobile, and API applications. - Identify and exploit vulnerabilities to determine their impact and risk. - Perform static and dynamic code analysis...
-
Junior Penetration Tester Remote
2 weeks ago
India Parrot CTFs Full timeCompany Description Parrot CTFs offers modern cybersecurity training and enterprise-grade consulting through their advanced Capture the Flag (CTF) platform. This platform includes over 150 real-world challenges and vulnerable lab machines, as well as specialized tracks such as Web Exploitation, Active Directory, Digital Forensics, Cryptography, and Reverse...
-
Application Security
3 weeks ago
Chennai, India CyberFort DigiSec Solution Private Ltd Full timeJob Description Company Description Cyberfort Digisec Solution Private Ltd. is lead by a team of seasoned Information Security Management professionals with over three decades of industry experience. They possess technical and managerial expertise, having held strategic roles in multinational corporations, government entities, Big4 firms, and the banking...
