Penetration Tester

5 days ago

Remote, India IICSEH Full time ₹ 12,00,000 - ₹ 36,00,000 per year

Job Title: Penetration Tester / Application Security Engineer

Location: Remote

Experience: 1-4 years

Department: Cybersecurity

Role Overview:

We are seeking a highly skilled and passionate Penetration Tester with hands-on experience across multiple domains including Web, Network, Mobile, Cloud, Active Directory, and Red Teaming. The ideal candidate should possess strong practical knowledge of attack methodologies, exploit development, and modern security testing techniques — not just certifications.

You will be responsible for performing deep technical security assessments, identifying vulnerabilities, and helping clients strengthen their security posture through well-documented findings and mitigation guidance.

Key Responsibilities:

  • Perform Web Application Penetration Testing (WAPT) using both manual and automated techniques.
  • Conduct Application Security Assessments, including SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis).
  • Execute Mobile Application Penetration Testing (Android/iOS) – good to have.
  • Perform Cloud Security Assessments on AWS and Azure environments, including misconfiguration and IAM exploitation testing.
  • Conduct Active Directory (AD) Penetration Tests and simulate Red Team Exercises focusing on internal attack chains and lateral movement.
  • Perform Network & Infrastructure Penetration Tests across Windows, Linux, and network protocol stacks.
  • Test and audit Firewalls, Routers, Switches, Load Balancers, and other networking components for configuration flaws and exploitable weaknesses.
  • Execute Citrix Penetration Tests and identify remote access risks (good to have).
  • Collaborate with development and DevSecOps teams to integrate security testing into Agile and CI/CD pipelines.
  • Prepare detailed technical and executive-level reports, including risk ratings and remediation advice.
  • Communicate effectively with both technical and non-technical stakeholders.

Required Knowledge:

  • Deep understanding of OWASP Top 10, MITRE ATT&CK, PTES, and NIST frameworks.
  • Familiarity with tools such as Burp Suite, Nmap, Nessus, Metasploit, BloodHound, CrackMapExec, Cobalt Strike (or equivalents), AWS Inspector, Azure Security Center, etc.
  • Proficient in scripting (Python, Bash, PowerShell, or Go).

Certifications (Preferred but Not Mandatory):

  • OSCP, CPSA, CRT, CRTP, CEH, OSEP, OSWE, AZ-500, AWS Security Specialty

(Practical hands-on experience is valued more than certifications.)

Soft Skills:

  • Strong communication and report-writing skills.
  • Ability to explain complex vulnerabilities in simple terms.
  • Team collaboration, adaptability, and proactive problem-solving mindset.

Why Join Us:

  • Work on cutting-edge Red Team and Offensive Security projects.
  • Opportunity to explore AI-driven and cloud-native attack surfaces.
  • Collaborative team culture that values learning, innovation, and ethical hacking excellence.

Job Type: Full-time

Pay: ₹1,300, ₹1,800,000.00 per year

Work Location: Remote

  • Penetration Tester

    1 hour ago

    Remote, India ICEH Full time

    **Job Title: Penetration Tester / Application Security Engineer** **Location**: Remote **Experience**: 1-4 years **Department**: Cybersecurity **Role Overview**: You will be responsible for performing deep technical security assessments, identifying vulnerabilities, and helping clients strengthen their security posture through well-documented findings and...

  • Penetration Tester

    6 days ago

    Remote, India Agylex-Sprinx Global Full time

    **Location**:UAE (Relocation Needed) **Duration**: 12 months + 12 months **Position Overview**: **Key Responsibilities**: - Collaborate closely with interdisciplinary teams to analyze and interpret security assessment outcomes, furnishing actionable recommendations for remediation. - Remain abreast of the latest cybersecurity trends, tools, and...

  • Vapt Tester-remote

    6 days ago

    Remote, India TeamPlus Staffing Solution Pvt Ltd Full time

    The Penetration tester must have CREST accreditation status in order to qualify for the Project. Penetration tester must hold minimum 2 of the following qualifications or equivalent. Offensive Security Certified Professional (OSCP) Certified Information Systems Security Professional (CISSP) Offensive Security Certified Wireless Professional (OSWP) CREST...

  • Cyber Security Tester

    6 days ago

    Remote, India Rigelsoft Technologies Full time

    **Cyber Security - Penetration Tester** Security roles: - Penetration Testers There are multiple headcounts across different levels for this role. If you are a penetration tester looking for your next penetration testing or just cyber security roles in general, feel free to get in touch for a confidential discussion regarding your next career...

  • Penetration Tester

    6 days ago

    Remote, India Claranet Full time

    **About The Role**: **Role** The primary function of the Security Analyst in the CST team is to continually review the customers’ defined scope for vulnerabilities, identify additional targets that should be included in the scope, and report these to the client in a timely, accurate, and comprehensive manner. The Security Analyst is also responsible for...

  • Devsecops Architect

    1 week ago

    Remote, India Luxoft Full time

    **Project** Description**: DevSecOps Architect role will have a major role to help implementing shift left security in DevSecOps program and define the required security guardrails. In addition, the role will cover leading a team of DevSecOps Security members (Security Testers and Risk Assessors) as those members will be working with dedicated teams of...

  • Application Security Engineer II

    1 week ago

    Remote, India Rackspace Technology Full time

    Job Description Position Overview: In this role, you will support Rackspace's application security program by implementing and maintaining security testing capabilities, including static and dynamic application security testing, assisting with application penetration testing, and supporting our bug bounty program. You will work closely with development teams...

  • Cyber Security Trainer

    2 weeks ago

    Remote, India Intelogik Solutions Full time ₹ 1,20,000 - ₹ 18,00,000 per year

    We are seeking an experienced Cyber Security Trainer to deliver high-quality training programs on cybersecurity concepts, tools, and practices. The ideal candidate will have both strong technical expertise and teaching skills to train students or professionals in real-world cyber defense, ethical hacking, and information security strategies.Key...

  • Application Security Engineer II

    2 weeks ago

    Remote, India Rackspace Technology Full time ₹ 6,00,000 - ₹ 12,00,000 per year

    Position Overview:In this role, you will support Rackspace's application security program by implementing and maintaining security testing capabilities, including static and dynamic application security testing, assisting with application penetration testing, and supporting our bug bounty program. You will work closely with development teams to identify,...

  • Application Security Engineer II

    1 week ago

    India - Remote Rackspace Full time ₹ 6,00,000 - ₹ 12,00,000 per year

    Position Overview: In this role, you will support Rackspace's application security program by implementing and maintaining security testing capabilities, including static and dynamic application security testing, assisting with application penetration testing, and supporting our bug bounty program. You will work closely with development teams to identify,...