We are looking for a highly skilled Application Security Consultant to join our Offensive Security team. The ideal candidate should have extensive hands -on experience performing penetration testing across modern applications, including Web, Mobile (Android & iOS), APIs, and Thick Client applications
This role requires an offensive mindset with the ability to identify complex security vulnerabilities, business logic flaws, authentication and authorization weaknesses, and real -world attack paths beyond automated scanning. The candidate should be capable of performing end -to -end authenticated security assessments and should possess strong knowledge of external attack surface analysis. During authorized engagements, the engineer should be able to identify alternative access paths to target applications by leveraging exposed assets, internet -facing services, misconfigurations, publicly available information, credential exposure, or other legitimate attack vectors, wherever applicable within the agreed scope. The ideal candidate is someone who enjoys solving complex security challenges, thinks like an attacker, and can independently execute complete penetration testing engagements from reconnaissance through reporting.
Requirements
TECHNICAL SKILLS
Web Application Security Testing
Android Application Security Testing
iOS Application Security Testing
API Security Testing (REST, GraphQL, SOAP)
Thick Client/Desktop Application Security Testing
OWASP Top 10
OWASP API Security Top 10
OWASP Mobile Top 10
Authenticated penetration testing
Authentication, authorization, session management, access control, and business logic testing
External network penetration testing and attack surface assessment
Identifying alternate attack paths using publicly exposed infrastructure, internet -facing assets, credential exposure (where authorized), or security misconfigurations
Strong analytical and problem -solving skills
Technical documentation and report -writing
MANDATORY REQUIREMENTS
Minimum 3 years of hands -on penetration testing experience. At least one published CVE where the candidate has been credited. Ability to execute complete penetration testing engagements independently
CERTIFICATIONS
OSCP / OSCP+
eCPPT
eWPTX
eMAPT
BSCP
CRTO
CARTP
Relevant Cloud Security Certifications
Benefits
Flexible engagements tailored to professional and personal goals.
Competitive compensation structure.
Exposure to diverse, industry -leading projects.
Access to specialized expertise and a collaborative cybersecurity team.
Professional development opportunities and recognition within the cybersecurity community.
All Job Ads are subject to GrabJobs’s Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by GrabJobs moderation team. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.
Be the first to receive the latest Others Full-Time Jobs in India.
Setup your job alert:
By activating job alerts, I agree to GrabJobs Terms & Privacy Policy. I can unsubscribe to job alerts anytime.
Skip