Experience range : 5 to 8 : Pune / Hyderabad / Trivandrum / Kochi / Bangalore / Chennai
Skill : OSCP certification is mandatory.
Job Description :
We are seeking a skilled and passionate Penetration Tester with hands-on experience in identifying vulnerabilities across mobile applications (iOS / Android), web applications, infrastructure, and thick client environments. The ideal candidate will have a strong background in assessing the security posture of applications, systems, and networks, especially in a fast-paced fintech environment.
Key Responsibilities :
- Conduct penetration tests on web and mobile applications, networks, thick clients, and systems to identify vulnerabilities.
- Perform manual and automated testing to simulate cyberattacks and exploit potential security flaws.
- Create detailed reports of vulnerabilities including descriptions, proof of concepts, business impact, and actionable remediation steps.
- Perform retesting to validate fixes and confirm mitigations.
- Analyze security issues related to web apps, network protocols, OSs, and cloud platforms.
- Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques.
- Coordinate with application and infrastructure teams during the assessment lifecycle and deliver clear, comprehensive reports.
Requirements :
Proven experience as a Penetration Tester or in a cybersecurity role.Strong understanding of :1. OWASP Mobile Top 10
2. OWASP Web Top 10
3. MITRE ATT&CK framework
Proficiency in tools such as :1. Burp Suite, Frida, MobSF, Nmap, Wireshark, Metasploit
Hands-on experience with :1. SSL pinning bypass
2. Jailbreak / root detection bypass
3. Certificate validation flaws
Mobile app reverse engineeringFamiliarity with operating systems like Windows, Kali Linux, and macOSExposure to cloud platforms such as AWS, Azure, or GCPKnowledge of scripting / programming languages such as Python, Bash, or PowerShell (preferred)Relevant certifications are a strong advantage :1. CEH, OSCP, or similar
ref : hirist.tech)