Web Application Penetration Testing
2 weeks ago
Roles & responsibilities
Manage cyber threat management projects and lead day-to-day
red team operations.
Plan, scope and conduct complex red team engagements:
external/internal network, Active Directory, cloud
(AWS/Azure/GCP), web & API, mobile backends, and
physical/social engineering components (phishing, vishing,
in-person tests).
Conduct comprehensive web & API testing: reconnaissance,
authenticated/unauthenticated testing, injection flaws
(SQLi/NoSQLi), RCE, SSRF, XSS, IDOR, broken
authentication/authorization, logic flaws, insecure deserialization,
unsafe file uploads and API misconfigurations; chain findings into
host footholds.
Conduct network & infrastructure testing: perimeter and internal
assessments, host/service enumeration, CVE-based exploitation,
pivoting, lateral movement, privilege escalation, persistence and
attack path mapping.
Execute Active Directory compromise exercises: Kerberos
abuse, Golden/Silver Ticket, ACL abuse, user/group privilege
escalation and Group Policy weaknesses.
Simulate stealthy adversary tradecraft (MITRE ATT&CK)
including OpSec, EDR/AV evasion, SIEM evasion and covert
payload delivery (HTML smuggling, advanced delivery chains).
Design, develop and customize offensive tooling and exploits;
maintain red team infrastructure (C2, payloads, automation).
Conduct cloud adversarial simulations: identity abuse,
misconfiguration chaining, and privilege escalation across cloud
services.
Plan and run social engineering campaigns and measure human
susceptibility; craft realistic pretexts using OSINT
Come as
you are
at KGS
As a firm, we are deeply
committed to diversity,
inclusion and equity at our
workplace. We offer a safe
and inclusive environment
built on trust, where all our
colleagues can bring their
authentic selves to work
and know that their
uniqueness is valued.
We prohibit unfair
treatment of applicants and
employees and
discrimination on any
ground, including but not
limited to, caste, religion,
color, ancestry, marital
status, medical condition,
sex, gender identity and/or
expression, sexual
orientation, age,
nationality, cultural origin,
family or parental status,
defense veterans,
physical, mental or
sensory disability or any
other status or
characteristic protected by
applicable Indian laws and
regulations.
Mandatory technical &
functional skills
Conduct red team exercises to evaluate and enhance the
organization's security posture. These exercises simulate
real-world attack scenarios to identify areas of weakness and
improve defenses.
Key activities include planning and executing simulated
attacks, analyzing security gaps, and providing actionable
recommendations for remediation
4+ years of professional experience in cybersecurity, with a
focus on Web application penetration testing.
Strong background in cybersecurity with a focus on
penetration testing.
Experience in Web and Network PT.
Relevant certifications such as OSCP, CRTP,CRTO.
Proficient in threat modeling and vulnerability exploitation
techniques.
Excellent analytical and problem-solving skills.
-
web application penetration testing
2 weeks ago
Bengaluru, Karnataka, India Randstad MENA Full time ₹ 6,00,000 - ₹ 18,00,000 per yearJob Description Job Offer Closes: 20 December 2025SummaryLocation: Bengaluru, Karnataka Client: A client of Randstad India Employment Type: Temporary Posted On: 21 October 2025 Reference Number JPC Next StepsContact the recruiter Set a job alert Create an account Search jobs Job Details Mandatory Technical & Functional SkillsPerform manual...
-
Bengaluru, Karnataka, India Careernet Full time ₹ 8,00,000 - ₹ 24,00,000 per yearKey Skills: Penetration Testing, Vulnerabilities, Web Application Security, Manual Testing.Roles & Responsibilities:Conduct manual application penetration tests on web applications, internal applications, APIs, and mobile applications to discover and exploit vulnerabilities.Independently research new vulnerabilities in systems and software, modifying and...
-
Penetration Tester
6 days ago
Bengaluru, Karnataka, India Artech Full time ₹ 15,00,000 - ₹ 20,00,000 per yearRole & responsibilitiesMandatory technical & functional skillsPerform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs and mobile applications3 to 9 years of professional experience in cybersecurity, with a focus on Web application penetration...
-
Penetration Tester
3 days ago
Bengaluru, Karnataka, India Happiest Minds Technologies Full time ₹ 8,00,000 - ₹ 12,00,000 per yearSr. Penetration Testing engineerMandatory SkillsPenetration Testing, Web App, Mobile, Web Services/APIs, Network & blockchain.Skill to EvaluatePenetration-TestingExperience4 to 6 YearsLocationBengaluruJob DescriptionMaintain a good relationship with key stakeholders including business, other Application & ISO teams to deliver on security requirements...
-
Penetration Tester
2 weeks ago
Bengaluru, Karnataka, India Kotak Mahindra Bank Full time ₹ 6,00,000 - ₹ 12,00,000 per yearSoftware Test Engineering II-SUPPORT SERVICES-Applications-CTB Job Title: Penetration Tester (Web Applications and REST APIs) Location: Bengaluru Job Type: Full-time About Us: Kotak Mahindra Bank is seeking an experienced Penetration Tester to join our Platform Engineering team. As a Penetration Tester, you will be responsible for identifying...
-
Penetration Tester
5 days ago
Bengaluru, Karnataka, India Ntech IT Solutions Private Limited Full time ₹ 23,04,000 - ₹ 30,72,000 per yearTitle: Penetration TesterLocation: Bangalore (Hybrid)Job Type: Contract to HireOpenings: Years of exp needed)Must have skills - Offensive Security, Penetration Testing, Red TeamingPosition SummaryWe are seeking an experienced application penetration tester with expertise in both manual and automated testing to join our Security and Privacy Risk Consulting...
-
Penetration Tester
3 days ago
Bengaluru, Karnataka, India STAFFINGTON CONSULTING PRIVATE LIMITED Full time ₹ 20,00,000 - ₹ 25,00,000 per yearDescription :Duties and Responsibilities : - Conduct penetration tests on a wide range of digital assets, including networks, web applications, and mobile applications, to identify vulnerabilities and security weaknesses. - Collaborate with internal product and engineering teams to understand system setups, business goals, and constraints. -...
-
Penetration Testing Engineer
6 days ago
Bengaluru, Karnataka, India Grant Thornton Full time ₹ 12,00,000 - ₹ 36,00,000 per year2 - 5 Years1 OpeningBengaluruRole descriptionRole OverviewAs a Penetration Testing Engineer at Grant Thornton, you will conduct advanced security assessments across applications, networks, cloud environments, and enterprise systems. You will emulate real-world attack scenarios, identify vulnerabilities, and collaborate with engineering and client teams to...
-
Application Security Testing
16 hours ago
Bengaluru, Karnataka, India UV Cyber Solutions Full time ₹ 12,00,000 - ₹ 36,00,000 per yearHiring for Application Security Testing -L3 - Staff Consultant UV Cyber -- (Hosur Main Road-Koramangala, Bangalore)Role : Application Security Testing -L3 - Staff ConsultantExperience: 5 yrs to 12 YrsNotice Period: 0 to 30 days(Applicants must attend face-to-face interview in Bangalore)Address: UV Cyber solutions,1ST Block,1ST Floor, PRESTIGE BLUE CHIP...
-
Senior Penetration Testing Specialist
2 weeks ago
Bengaluru, Karnataka, India HSBC Full timeSome careers shine brighter than others.If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and...
