Talent.com
This job offer is not available in your country.
Penetration Tester (web & network)

Penetration Tester (web & network)

ConfidentialBengaluru / Bangalore
18 days ago
Job description

We are seeking a highly skilled and experienced Cybersecurity Consultant with over 5 years of proven expertise in penetration testing, red teaming, vulnerability assessment , and Active Directory exploitation . In this role, you will simulate real-world attack scenarios, uncover critical vulnerabilities, and provide technical remediation guidance to strengthen security postures. You will also mentor junior team members and work cross-functionally to embed security best practices throughout the organization.

Key Responsibilities

  • Perform manual penetration testing on a variety of targets including :
  • Web applications
  • Internal business applications
  • APIs
  • Internal and external networks
  • Mobile applications
  • Plan and execute network penetration testing and Red Team assessments to simulate sophisticated threat actor behavior.
  • Conduct Active Directory and Windows infrastructure testing , including attacks on Certificate Services , Kerberos , and NTLM .
  • Execute social engineering assessments , including phishing campaigns and physical security evaluations.
  • Conduct OSINT investigations to identify public exposure of sensitive assets or credentials.
  • Customize and develop tools, scripts, and proof-of-concept exploits to meet specific operational goals.
  • Continuously research emerging threats, vulnerabilities, attack vectors, and security technologies.
  • Present detailed technical reports to stakeholders with risk ratings, impact summaries, and actionable remediation steps.
  • Work closely with development, IT, and business teams to integrate security into project lifecycles and DevOps pipelines.
  • Mentor junior team members , contribute to knowledge sharing, and promote security awareness throughout the organization.

Required Skills and Qualifications

  • Minimum 5 years of professional experience in cybersecurity with a focus on :
  • Network and web application penetration testing
  • Red teaming engagements
  • Vulnerability assessments and exploit development
  • In-depth understanding of :
  • Network protocols and system architectures
  • Microsoft enterprise infrastructure (Windows Servers, Active Directory, AD CS, Azure)
  • Web and mobile application security , authentication mechanisms, and encryption
  • Experience with manual exploitation techniques , as well as using and customizing tools like :
  • Burp Suite, Nmap, Metasploit, BloodHound, Cobalt Strike, etc.
  • Knowledge of social engineering attack vectors and security awareness testing
  • Ability to perform business logic assessments and identify flaws beyond automated scanning
  • Strong communication skills, including the ability to translate technical findings into executive-level reports

    • Preferred Certifications

    One or more of the following certifications are highly desirable :

  • OSCP – Offensive Security Certified Professional
  • OSEP – Offensive Security Experienced Penetration Tester
  • CRTP / CRTO – Certified Red Team Professional / Operator
  • OSWA / GWAPT – Web Application Security Certs

    • Professional Attributes

  • Excellent analytical and problem-solving skills
  • High degree of attention to detail
  • Strong written and verbal communication skills
  • Self-motivated with a proactive approach to learning and threat research
  • Comfortable working both independently and in collaborative team settings

    • Skills Required

    Penetration Testing, Web Application Security Testing, Network Penetration Testing

    Create a job alert for this search

    Penetration Tester • Bengaluru / Bangalore