Penetration Tester - Vulnerability Assessment (12-16 yrs)

Job Title : Senior Penetration Tester

Location : Chennai (Work From Office)

Experience Required : 12+ Years Total, with 6+ Years in Penetration Testing

Preferred Certification : OSCP or equivalent

Work Hours : 8:30 AM to 5:30 PM

Job Overview :

We are actively looking for an experienced Senior Penetration Tester to enhance our organization's security measures through advanced vulnerability assessment and penetration testing. This role involves a blend of hands-on technical expertise, strategic security planning, and collaboration with cross-functional teams to identify, assess, and mitigate potential security threats. You'll work on critical security projects across web and mobile platforms, cloud environments, and more to ensure a robust and secure operational environment.

Key Responsibilities :

- Penetration Testing : Conduct comprehensive penetration tests on a variety of platforms, including web applications, mobile apps, networks, and cloud environments, to identify vulnerabilities that could potentially compromise security.

- Social Engineering Assessments : Design and execute simulated social engineering attacks to test organizational awareness and readiness against phishing and other social engineering tactics.

- Vulnerability Identification & Remediation : Use advanced tools and methodologies to discover security weaknesses, analyze their impact, and recommend remediation plans to development and infrastructure teams.

- Research & Development : Stay up-to-date with the latest security threats and testing methodologies by actively researching new attack techniques, experimenting with emerging tools, and participating in industry discussions.

- Code Review : Collaborate with development teams to assess code security, identify vulnerabilities, and suggest improvements in secure coding practices.

- Malware Analysis : Perform reverse engineering on malware to analyze behavior, identify exploit patterns, and recommend proactive security measures to prevent similar threats.

- Documentation & Reporting : Thoroughly document vulnerabilities, risks, and compliance issues identified during testing. Generate comprehensive reports that include technical details for teams and executive summaries for stakeholders.

- Automated Testing Implementation : Develop and implement automated security testing techniques to streamline the vulnerability assessment process.

- Verification Testing : Conduct follow-up testing to verify that remediations and security patches effectively resolve identified vulnerabilities.

- Mobile Application Security Testing : Execute specialized penetration testing for mobile applications, ensuring robust protection across all digital platforms.

- Presentations & Knowledge Sharing : Provide clear, insightful presentations to both technical teams and executive management, translating complex security findings into actionable recommendations.

Preferred Qualifications and Skills :

Certifications :

- OSCP (Offensive Security Certified Professional) - Preferred

- CPTS (Certified Penetration Testing Specialist)

- PNPT (Pentester Ninja Professional Training)

- PJPT (Junior Penetration Tester)

- eCCPT (eLearnSecurity Certified Professional Penetration Tester)

Technical Proficiency :

- Strong knowledge of penetration testing frameworks and tools (e.g., Metasploit, Burp Suite, Nessus, Nmap).

- Familiarity with scripting languages (Python, Bash, PowerShell) to automate security tasks.

- Deep understanding of networking protocols, security standards, and modern cloud infrastructures.

- Expertise in web technologies and mobile application architectures, with an understanding of OWASP standards and best practices.

Experience Required :

- Significant background in cybersecurity, with proven experience in penetration testing and vulnerability assessments.

- Demonstrated ability to identify, exploit, and document security vulnerabilities across a range of technologies and environments.

Desired Personal Attributes :

- Analytical Mindset : Strong attention to detail with a focus on ethical testing practices.

- Effective Communicator : Able to explain technical findings to both technical and non-technical stakeholders clearly.

- Team Collaboration : Comfortable working in a team environment and independently on projects.

Commitment to Confidentiality : Respect for the confidentiality and security standards of the organization.