Penetration Tester (web & network)

Position 1: Web and Network PT Consultant

Proposed designation

Consultant

Role type

Individual contributor

Reporting to

Work timings 12 PM to 9 PM

Roles & responsibilities

• Perform manual application penetration tests on one or more of the following to

discover and exploit vulnerabilities: web applications, internal applications, APIs,

internal and external networks, and mobile applications

• Plan and execute network penetration testing and Red teaming assessments to

simulate real-world attack scenarios.

• Perform manual network and application penetration tests on internal network,

Active Directory environment, web applications.

• Perform social engineering assessment to assess the security

awareness and physical security controls of the organization.

• Ability to independently research for new vulnerabilities in systems and software

and modify and customize tools, known exploits, POCs and scripts to meet

operational requirement.

• Research and stay up-to-date with the latest attack techniques, tools, and

emerging threats.

• Present technical reports to clients, explaining the outcomes of the testing and

providing detailed insights and recommendations.

• Collaborate effectively with cross-functional teams, including developers, IT

operations, and business stakeholders to integrate security best practices

seamlessly into project workflows.

• Provide mentorship and guidance to junior security staff and foster a culture of

proactive security awareness within the organization.

This role is for you if you have the below

• We are seeking an experienced and highly skilled Consultant with over 5+

years of working experience in the field of cybersecurity, including network

penetration testing, vulnerability assessment, Active directory testing, phishing

assessment and web application penetration testing. The ideal candidate will

possess a strong working knowledge of Network protocols, performing OSINT

to identify publicly available information and testing and exploiting Microsoft

services like Windows Servers, Active directory, Certificate Services.

Mandatory technical & functional skills

JOB DESCRIPTIONS

2

• Perform manual application penetration tests on one or more of the following to

discover and exploit vulnerabilities: web applications, internal applications, APIs,

internal and external networks, and mobile applications

• 5+ years of professional experience in cybersecurity, with a

focus on Network penetration testing and Red teaming.

• Strong understanding of Network protocols, web applications, cryptography,

various operating systems and security technologies.

• Strong understanding of exploitation of Microsoft platform used in enterprise

environment such as windows Servers, Active Directory Certificate Service,

Azure, etc.

• Experience in one or more of the following a plus: Web application penetration

testing, mobile application penetration testing application architecture and

business logic analysis.

• Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO,

OSWA, are strongly preferred.

Other information

• Interview process: Please expect 2-3 rounds of interview
• Does the job role involve travelling: No
• Does the busy season apply to this role: Seasonality of the work is dependent

on the projects/ deliverable timelines

• Working location: Bangalore/Pune/Gurugram