Key skills
CloudGraphQLPerlPythonSOAPSQLBashPowerShellOWASPPenetration Testing
About this role
Role Overview
- Conduct manual penetration testing against web applications, mobile applications, APIs, infrastructure, and cloud environments.
- Configure and operate penetration testing tools and scripts to identify vulnerabilities and validate exploitability.
- Document security findings and produce clear, high-quality reports including detailed remediation guidance.
- Develop proof-of-concept exploits demonstrating the real-world impact of vulnerabilities.
- Participate in client calls including kickoff meetings, technical walkthroughs, and remediation discussions.
- Collaborate with project managers and testers to ensure engagements are delivered on time and at a high level of quality.
- Perform internal QA reviews of penetration testing deliverables when required.
Requirements
- 3–8 years of experience in Penetration Testing
- Strong understanding of networks, operating systems, and web/mobile application architectures
- Familiarity with common vulnerabilities including XSS, SQL Injection, XXE, Deserialization, Path Traversal, SSRF, RCE, and authentication flaws
- Experience testing web/mobile applications and APIs (REST, SOAP, graphQL)
- Familiarity with common penetration testing tools such as Burp Suite, Nessus, nmap
- Experience with scripting languages such as Python, Bash, PowerShell, or Perl
- Strong technical writing skills with the ability to translate technical issues into business risk
- Understanding of penetration testing methodologies such as OWASP, MITRE ATT&CK, OSSTMM, and NIST frameworks
Tech Stack
- Cloud
- GraphQL
- Perl
- Python
- SOAP
- SQL
Benefits
- Support & Collaborate
- Professional development opportunities