Job Description – Penetration Tester
We are looking for a skilled and passionate Penetration Tester with hands-on experience in identifying vulnerabilities across mobile applications (iOS/Android), web applications, infrastructure, and thick client environments. The ideal candidate will have strong expertise in assessing the security posture of applications, systems, and networks in a fast-paced fintech environment.
Key Responsibilities
Conduct penetration tests on web/mobile applications, networks, thick client environments, and systems to identify vulnerabilities and security flaws.
Perform both manual and automated testing to simulate cyberattacks and exploit vulnerabilities.
Document vulnerabilities with clear descriptions, proof-of-concepts, business impact, and actionable remediation steps.
Perform retests to validate patching and mitigations.
Analyze security issues across web applications, network protocols, operating systems, and cloud environments.
Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques.
Collaborate with application teams throughout the assessment lifecycle and deliver detailed reports.
Requirements
Proven experience as a Penetration Tester or similar cybersecurity role.
Strong understanding of OWASP Mobile Top 10, OWASP Web Top 10, and the MITRE ATT&CK framework.
Hands-on experience with tools such as Burp Suite, Frida, MobSF, Nmap, Wireshark, Metasploit, etc.
Knowledge of SSL pinning, jailbreak/root detection bypass, certificate validation flaws, and reverse engineering for mobile apps.
Familiarity with various operating systems (Windows, Kali, macOS) and cloud platforms (AWS, Azure, GCP).
Knowledge of programming/scripting languages (Python, Bash, PowerShell) is a plus.
Strong communication skills to explain technical details to non-technical stakeholders.
Preferred Skills
Prior experience in mobile application penetration testing.
Ability to work independently and manage time effectively.