10 Oswa Jobs

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

Work Location:- Bangalore / Pune Experience:- 4 to 7 years Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

Greetings from Teamware Solutions a division of Quantum Leap Consulting Pvt. Ltd We are hiring an Associate Consultant_Penetration Testing_ Web Application Location: Bengaluru Work Mode: Hybrid; 2 days WFO Geography they support: US Shift Time: 12-9 PM Experience: 4 -9 Years Notice Period: Immediate to 15 days Requirements: Web Application Penetration Testing (Mandatory): Candidates must have strong experience in web application penetration testing. While a combination of web and mobile application testing is acceptable, their recent and primary experience should be focused on web applications. CSRF (Cross-Site Request Forgery) Boolean SQL Injection DOM XSS (Cross-Site Scripting) CSV Injection Coding and auditing expertise Mandatory technical & functional skills Minimum three years of recent experience in application penetration testing of APIs, web applications, or mobile applications Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations Experience with burp suite pro, and other app testing tools such as Netsparker and Checkmarx Bachelors degree from an accredited college/university or equivalent industry experience One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSWE, OSWA Roles & responsibilities •Perform manual Application penetration testing against APIs (REST/SOAP), Web Applications, Mobile applications, and thick client applications •Perform threat modeling, evaluate application business logic, and perform application architecture reviews •Ability to demonstrate application testing experience in real time via demos to both internal and external audiences •Act independently in penetration testing engagements, with minimal oversight and guidance •Act as a technical leader and mentor for junior engineers •Engage with technical and non-technical audiences to articulate both testing processes, techniques and results; guide technical audiences on remediation options and assist clients in weighing those options •Partner with the Cyber teams to develop new testing techniques, automation for testing and marketing collateral to support the practice and mentor junior and offshore team members on tools and techniques in performing tests Please let me know if you are interested in this position and send me the resumes to netra.s@twsol.com

We are all different, yet we all use our unique contributions to serve patients. This role has a strong focus on ensuring the organizations infrastructure, applications, and systems are secure from external and internal threats. This role is responsible for conducting authorized security tests on IT infrastructure to evaluate the strength of its systems against potential cyberattacks. A variety of automated tools and manual techniques are leveraged to simulate real-world attacks. The penetration tester then works with the organization to prioritize, remediate and report on identified issues, strengthening the overall security posture. Basic Qualifications: Bachelor s degree with6 -8 years of experience inComputer Science,Cybersecurityor Information Systemsrelated field . Preferred Qualifications: Must-Have Skills: Strong knowledge of common vulnerabilities (e.g., OWASP Top 10, SANS Top 25), network protocols, encryption standards, application security and common penetration testing methodologies (ISSAF, OSSTMM, PTES). Familiarity with tools like Burp Suite, OWASP ZAP and Metasploit. A deep understanding of web application architecture, databases, and authentication mechanisms. Ability to think critically and creatively when testing and attempting to exploit vulnerabilities. Good-to-Have Skills: Experience with threat intelligence and incorporating emerging threats into penetration testing practices Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications (please mention if the certification is preferred or mandatory for the role): Preferred: eJPT, eCPPT, eWPT, OSCP, OSWA, GWAPT

Web and Network PT Consultant Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Plan and execute network penetration testing and Red teaming assessments to simulate real-world attack scenarios. Perform manual network and application penetration tests on internal network, Active Directory environment, web applications. Perform social engineering assessment to assess the security awareness and physical security controls of the organization. Ability to independently research for new vulnerabilities in systems and software and modify and customize tools, known exploits, POCs and scripts to meet operational requirement. Research and stay up-to-date with the latest attack techniques, tools, and emerging threats. Present technical reports to clients, explaining the outcomes of the testing and providing detailed insights and recommendations. Collaborate effectively with cross-functional teams, including developers, IT operations, and business stakeholders to integrate security best practices seamlessly into project workflows. Provide mentorship and guidance to junior security staff and foster a culture of proactive security awareness within the organization. This role is for you if you have the below We are seeking an experienced and highly skilled Consultant with over 5+ years of working experience in the field of cybersecurity, including network penetration testing, vulnerability assessment, Active directory testing, phishing assessment and web application penetration testing. The ideal candidate will possess a strong working knowledge of Network protocols, performing OSINT to identify publicly available information and testing and exploiting Microsoft services like Windows Servers, Active directory, Certificate Services. Mandatory technical & functional skills Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs,internal and external networks, and mobile applications 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. Strong understanding of Network protocols, web applications, cryptography various operating systems and security technologies. Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO OSWA, are strongly preferred.

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

We are seeking a highly skilled and experienced Cybersecurity Consultant with over 5 years of proven expertise in penetration testing, red teaming, vulnerability assessment , and Active Directory exploitation . In this role, you will simulate real-world attack scenarios, uncover critical vulnerabilities, and provide technical remediation guidance to strengthen security postures. You will also mentor junior team members and work cross-functionally to embed security best practices throughout the organization. Key Responsibilities Perform manual penetration testing on a variety of targets including: Web applications Internal business applications APIs Internal and external networks Mobile applications Plan and execute network penetration testing and Red Team assessments to simulate sophisticated threat actor behavior. Conduct Active Directory and Windows infrastructure testing , including attacks on Certificate Services , Kerberos , and NTLM . Execute social engineering assessments , including phishing campaigns and physical security evaluations. Conduct OSINT investigations to identify public exposure of sensitive assets or credentials. Customize and develop tools, scripts, and proof-of-concept exploits to meet specific operational goals. Continuously research emerging threats, vulnerabilities, attack vectors, and security technologies. Present detailed technical reports to stakeholders with risk ratings, impact summaries, and actionable remediation steps. Work closely with development, IT, and business teams to integrate security into project lifecycles and DevOps pipelines. Mentor junior team members , contribute to knowledge sharing, and promote security awareness throughout the organization. Required Skills and Qualifications Minimum 5 years of professional experience in cybersecurity with a focus on: Network and web application penetration testing Red teaming engagements Vulnerability assessments and exploit development In-depth understanding of: Network protocols and system architectures Microsoft enterprise infrastructure (Windows Servers, Active Directory, AD CS, Azure) Web and mobile application security , authentication mechanisms, and encryption Experience with manual exploitation techniques , as well as using and customizing tools like: Burp Suite, Nmap, Metasploit, BloodHound, Cobalt Strike, etc. Knowledge of social engineering attack vectors and security awareness testing Ability to perform business logic assessments and identify flaws beyond automated scanning Strong communication skills, including the ability to translate technical findings into executive-level reports Preferred Certifications One or more of the following certifications are highly desirable: OSCP Offensive Security Certified Professional OSEP Offensive Security Experienced Penetration Tester CRTP / CRTO Certified Red Team Professional / Operator OSWA / GWAPT Web Application Security Certs Professional Attributes Excellent analytical and problem-solving skills High degree of attention to detail Strong written and verbal communication skills Self-motivated with a proactive approach to learning and threat research Comfortable working both independently and in collaborative team settings

We are seeking a highly skilled and experienced Cybersecurity Consultant with over 5 years of proven expertise in penetration testing, red teaming, vulnerability assessment , and Active Directory exploitation . In this role, you will simulate real-world attack scenarios, uncover critical vulnerabilities, and provide technical remediation guidance to strengthen security postures. You will also mentor junior team members and work cross-functionally to embed security best practices throughout the organization. Key Responsibilities Perform manual penetration testing on a variety of targets including: Web applications Internal business applications APIs Internal and external networks Mobile applications Plan and execute network penetration testing and Red Team assessments to simulate sophisticated threat actor behavior. Conduct Active Directory and Windows infrastructure testing , including attacks on Certificate Services , Kerberos , and NTLM . Execute social engineering assessments , including phishing campaigns and physical security evaluations. Conduct OSINT investigations to identify public exposure of sensitive assets or credentials. Customize and develop tools, scripts, and proof-of-concept exploits to meet specific operational goals. Continuously research emerging threats, vulnerabilities, attack vectors, and security technologies. Present detailed technical reports to stakeholders with risk ratings, impact summaries, and actionable remediation steps. Work closely with development, IT, and business teams to integrate security into project lifecycles and DevOps pipelines. Mentor junior team members , contribute to knowledge sharing, and promote security awareness throughout the organization. Required Skills and Qualifications Minimum 5 years of professional experience in cybersecurity with a focus on: Network and web application penetration testing Red teaming engagements Vulnerability assessments and exploit development In-depth understanding of: Network protocols and system architectures Microsoft enterprise infrastructure (Windows Servers, Active Directory, AD CS, Azure) Web and mobile application security , authentication mechanisms, and encryption Experience with manual exploitation techniques , as well as using and customizing tools like: Burp Suite, Nmap, Metasploit, BloodHound, Cobalt Strike, etc. Knowledge of social engineering attack vectors and security awareness testing Ability to perform business logic assessments and identify flaws beyond automated scanning Strong communication skills, including the ability to translate technical findings into executive-level reports Preferred Certifications One or more of the following certifications are highly desirable: OSCP Offensive Security Certified Professional OSEP Offensive Security Experienced Penetration Tester CRTP / CRTO Certified Red Team Professional / Operator OSWA / GWAPT Web Application Security Certs Professional Attributes Excellent analytical and problem-solving skills High degree of attention to detail Strong written and verbal communication skills Self-motivated with a proactive approach to learning and threat research Comfortable working both independently and in collaborative team settings

We are seeking a highly skilled and experienced Cybersecurity Consultant with over 5 years of proven expertise in penetration testing, red teaming, vulnerability assessment , and Active Directory exploitation . In this role, you will simulate real-world attack scenarios, uncover critical vulnerabilities, and provide technical remediation guidance to strengthen security postures. You will also mentor junior team members and work cross-functionally to embed security best practices throughout the organization. Key Responsibilities Perform manual penetration testing on a variety of targets including: Web applications Internal business applications APIs Internal and external networks Mobile applications Plan and execute network penetration testing and Red Team assessments to simulate sophisticated threat actor behavior. Conduct Active Directory and Windows infrastructure testing , including attacks on Certificate Services , Kerberos , and NTLM . Execute social engineering assessments , including phishing campaigns and physical security evaluations. Conduct OSINT investigations to identify public exposure of sensitive assets or credentials. Customize and develop tools, scripts, and proof-of-concept exploits to meet specific operational goals. Continuously research emerging threats, vulnerabilities, attack vectors, and security technologies. Present detailed technical reports to stakeholders with risk ratings, impact summaries, and actionable remediation steps. Work closely with development, IT, and business teams to integrate security into project lifecycles and DevOps pipelines. Mentor junior team members , contribute to knowledge sharing, and promote security awareness throughout the organization. Required Skills and Qualifications Minimum 5 years of professional experience in cybersecurity with a focus on: Network and web application penetration testing Red teaming engagements Vulnerability assessments and exploit development In-depth understanding of: Network protocols and system architectures Microsoft enterprise infrastructure (Windows Servers, Active Directory, AD CS, Azure) Web and mobile application security , authentication mechanisms, and encryption Experience with manual exploitation techniques , as well as using and customizing tools like: Burp Suite, Nmap, Metasploit, BloodHound, Cobalt Strike, etc. Knowledge of social engineering attack vectors and security awareness testing Ability to perform business logic assessments and identify flaws beyond automated scanning Strong communication skills, including the ability to translate technical findings into executive-level reports Preferred Certifications One or more of the following certifications are highly desirable: OSCP Offensive Security Certified Professional OSEP Offensive Security Experienced Penetration Tester CRTP / CRTO Certified Red Team Professional / Operator OSWA / GWAPT Web Application Security Certs Professional Attributes Excellent analytical and problem-solving skills High degree of attention to detail Strong written and verbal communication skills Self-motivated with a proactive approach to learning and threat research Comfortable working both independently and in collaborative team settings

Roles & responsibilities • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications • Plan and execute network penetration testing and Red teaming assessments to simulate real-world attack scenarios. • Perform manual network and application penetration tests on internal network, Active Directory environment, web applications. • Perform social engineering assessment to assess the security awareness and physical security controls of the organization. • Ability to independently research for new vulnerabilities in systems and software and modify and customize tools, known exploits, POCs and scripts to meet operational requirement. • Research and stay up-to-date with the latest attack techniques, tools, and emerging threats. • Present technical reports to clients, explaining the outcomes of the testing and providing detailed insights and recommendations. • Collaborate effectively with cross-functional teams, including developers, IT operations, and business stakeholders to integrate security best practices seamlessly into project workflows. • Provide mentorship and guidance to junior security staff and foster a culture of proactive security awareness within the organization. This role is for you if you have the below • We are seeking an experienced and highly skilled Consultant with over 5+ years of working experience in the field of cybersecurity, including network penetration testing, vulnerability assessment, Active directory testing, phishing assessment and web application penetration testing. The ideal candidate will possess a strong working knowledge of Network protocols, performing OSINT to identify publicly available information and testing and exploiting Microsoft services like Windows Servers, Active directory, Certificate Services. Mandatory technical & functional skills JOB DESCRIPTIONS • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications • 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. • Strong understanding of Network protocols, web applications, cryptography, various operating systems and security technologies. • Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. • Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred.