Job Description – Web Penetration Tester
Location: Bangalore
Job Type: Full Time
Experience: Minimum 2.0 Years
Notice Period: 1 Month
Salary: 4 – 6 LPA

Overview:
We are looking for an experienced and motivated Web Penetration Tester to join our team in Bangalore. The ideal candidate should have at least 2 years of experience in web application penetration testing. You will be responsible for evaluating and identifying security vulnerabilities in web applications and providing recommendations for improving their security posture.

Key Responsibilities:

Conduct penetration tests on web applications, APIs, and web servers to identify security flaws and vulnerabilities.
Perform vulnerability assessments, exploit identification, and manual testing to simulate real-world attacks.
Assess and test applications against common threats such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other OWASP Top 10 vulnerabilities.
Work closely with development teams to provide feedback on security weaknesses and collaborate on remediation efforts.
Develop comprehensive penetration test reports, including detailed findings, risk assessments, and actionable recommendations for improving security.
Keep up to date with the latest security vulnerabilities, threats, and penetration testing tools and techniques.
Collaborate with internal teams to ensure the overall security of the organization’s web applications.
Conduct security reviews and vulnerability assessments as part of the software development lifecycle (SDLC).
Qualifications:

Minimum of 2 years of experience in web application penetration testing or a related security field.
Hands-on experience with web application security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Metasploit).
Strong understanding of web technologies, including HTTP, HTML, JavaScript, CSS, and web frameworks.
Familiarity with common vulnerabilities such as SQL Injection, XSS, CSRF, and Remote File Inclusion.
Experience with manual testing techniques for web applications and APIs.
Strong knowledge of security best practices and secure coding techniques.
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.