Key skills
AndroidAWSAzureCloudGoogle Cloud PlatformiOSGCPGoogle CloudActive DirectoryOWASPPenetration Testing
About this role
Role Overview
- Perform penetration tests of web applications, mobile applications, and infrastructure (internal and external)
- Identify, analyze, and report vulnerabilities along with remediation recommendations
- Develop realistic attack scenarios (manual and partially automated)
- Collaborate with development and DevOps teams to improve security posture
- Support threat modeling and security architecture reviews
- Contribute to the development of internal tools and testing standards
- Mentor junior and mid-level team members.
Requirements
- Minimum 5 years of hands-on experience in penetration testing
- Strong knowledge of web application security (e.g., OWASP Top 10, ASVS, OWASP Top 10 API)
- Experience in mobile application testing (Android/iOS)
- Solid understanding of infrastructure security (networks, systems, Active Directory, cloud)
- Proven ability to manually exploit vulnerabilities
- Familiarity with tools such as Burp Suite, Metasploit, Nmap, Nessus, MobSF, Frida or similar
- Ability to produce clear technical and executive-level reports
- Strong analytical skills and an “attacker mindset”
- Nice to Have: Industry certifications (e.g., OSCP, OSWE, OSEP or similar)
- Knowledge of cloud environments (Azure, AWS, GCP) from a security perspective
- Experience in secure code review or SSDLC.
Tech Stack
- Android
- AWS
- Azure
- Cloud
- Google Cloud Platform
- iOS