Key Responsibilities
- Conduct offensive security assessments including web, mobile, API, and network penetration testing
- Perform secure code reviews to identify and remediate application vulnerabilities
- Lead or support red teaming exercises simulating advanced adversarial threats
- Collaborate with development, DevOps, and security teams to ensure vulnerabilities are properly triaged and remediated
- Document findings and create detailed, actionable security reports
- Stay up to date with the latest TTPs (Tactics, Techniques, Procedures) used in the wild and apply them in offensive engagements
Required Skillset - Proven hands-on experience in:
- Web and mobile application security
- API and network penetration testing
- Secure code review across languages such as Java, Python, and JavaScript
- Red teaming engagements and adversary emulation
- Deep understanding of OWASP Top 10, MITRE ATT&CK, and secure SDLC
- Familiarity with offensive security tools and frameworks (e.g., Burp Suite, Metasploit, Cobalt Strike, Nmap)
Preferred Certifications (One Or More)
- OSCP – Offensive Security Certified Professional
- OSCE – Offensive Security Certified Expert
- OSWE – Offensive Security Web Expert
- OSWA – Offensive Security Web Assessor
- CRTP – Certified Red Team Professional
- CRTO – Certified Red Team Operator
- PNPT – Practical Network Penetration Tester
- EWPT – eLearnSecurity Web Application Penetration Tester
Skills: web, API, security, mobile, penetration testing, VAPT, OSCP, OWASP, Burp Suite, Metasploit, Nmap, web and mobile application security, network penetration testing, secure code reviews
Skills Required
Burp Suite, Metasploit, OWASP Top 10, Nmap, Secure SDLC, Secure Code Review