Company Profile:
Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com.
Job Title: Penetration Tester
Position: Penetration Tester / Application Security Analyst
Experience: 3+years
Category: Software Development/ Engineering
Shift: General Shift
Main location: Bangalore, Chennai, Hyderabad, Mumbai
Position ID: J0925-0354
Employment Type: Full Time
Education Qualification: Any graduation or related field or higher with minimum 3 years of relevant experience.
Position Description:
We are seeking a skilled and detail-oriented Penetration Tester to join our cybersecurity team. This role involves performing manual security assessments across web, mobile, API, and network environments, identifying vulnerabilities, and collaborating with cross-functional teams to enhance security posture. The ideal candidate will have hands-on experience with tools like Burp Suite, a deep understanding of threat modeling, and a passion for staying ahead of emerging threats.
• Conduct manual penetration testing on web, mobile, API, and network systems.
• Utilize tools such as Burp Suite for vulnerability discovery, exploitation, and documentation.
• Identify, validate, and reproduce application and infrastructure vulnerabilities.
• Perform threat modeling and risk assessments to uncover potential attack vectors.
• Document findings with clear evidence, risk ratings, and actionable remediation guidance.
• Collaborate with development, DevSecOps, and security teams to promote secure coding and design practices.
• Stay current with OWASP Top 10, SANS CWE Top 25, and evolving threat landscapes.
Ensure testing aligns with industry standards and compliance frameworks including:
• OWASP ASVS v5
• NIST 800-115
• ISO/IEC 27001 / 27002
• PCI DSS (as applicable)
• 3+ years of experience in penetration testing and vulnerability assessment.
• Strong command of manual testing techniques and exploitation strategies.
• Proficiency in Burp Suite (Pro/Community) and its modules (Intruder, Repeater, etc.).
• Scripting knowledge in Python, Bash, PowerShell, or JavaScript.
• Familiarity with secure coding practices and integrating security into SDLC/CI-CD pipelines.
• Solid understanding of CVEs, CVSS scoring, and vulnerability databases.
• Experience in delivering technical reports and communicating findings to diverse audiences.
Technical Skills:
• Certifications such as OSCP, CEH, GWAPT, GPEN, or Burp Suite Certified Practitioner.
• Experience with DAST/SAST tools and security automation.
• Exposure to cloud security testing (AWS, Azure, GCP).
• Understanding of regulatory frameworks like NIS2, GDPR, HIPAA, MDR (especially for healthcare domains).
• Strong analytical and problem-solving abilities.
• Excellent verbal and written communication.
• Self-motivated with the ability to work independently and in team settings.
• Meticulous attention to detail and commitment to quality.
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.