Company: Security Lit Ltd
Experience Required: 1-3 years
Immediate Joiners Preferred
At Security Lit Ltd, a cybersecurity firm with New Zealand roots and a growing presence in India, we are seeking an Associate Penetration Tester to enhance our team in Mumbai. This role specifically involves the use of a black-box approach to evaluate the security of web applications and APIs.
Conduct black-box penetration tests on web applications and APIs, identifying and exploiting vulnerabilities.
Utilize both manual and automated tools and techniques to mimic real-world attack scenarios and uncover system weaknesses.
Apply diverse testing methodologies, including vulnerability scanning, penetration testing, and security assessments.
Collaborate with development and infrastructure teams to gain insights into application architectures for better risk identification.
Create comprehensive reports detailing vulnerabilities, their potential impacts, and suggest actionable remediation strategies.
Stay updated with current security threats, vulnerabilities, and best practices to continuously improve testing methodologies.
Participate actively in team meetings and knowledge-sharing sessions to contribute to the team's overall expertise and success.
Requirements
1-3 years of experience in penetration testing, with a specific focus on black box testing of web applications and APIs.
Strong grasp of web technologies, protocols, and frameworks (e.g., HTTP, HTML, CSS, JavaScript).
Proficiency in using tools and frameworks such as Burp Suite, OWASP ZAP, or similar for penetration testing.
Comprehensive knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and techniques for their exploitation.
Familiarity with testing API security, including aspects like authentication, authorization, and API endpoint vulnerabilities.
Capable of analyzing and interpreting security scan results, discerning false positives, and focusing on critical vulnerabilities.
Excellent communication skills for effectively relaying findings and recommendations to both technical and non-technical stakeholders.
Relevant certifications (e.g., OSCP, OSCE, CEH) are a plus.
Self-driven, detail-oriented, and comfortable working independently or as part of a team.
Benefits
Security Lit Ltd offers a collaborative, dynamic work environment, providing opportunities for professional growth and development. Passionate individuals who are keen on making a significant impact in the cybersecurity domain are encouraged to apply.
Please note: Only candidates shortlisted for further assessment will be contacted.
Embark on a journey with us to create a safer digital world!
