Job Portal Logo
LoginSign Up
🔔 FCM Loaded

Penetration Tester

ACL Digital

2 - 5 years

Bengaluru

Posted: 04/01/2026

Getting a referral is 5x more effective than applying directly

Job Description

Cybersecurity Penetration Tester will work with project teams to ensure applications meet our security policies.

3+ Years of Experience

  • Understand project deliverables and application details
  • Run automated and manual security checks (not limited to tools) to uncover security weaknesses in the system
  • Propose mitigation steps for identified risks and threats
  • Provide clear recommendations from a security perspective based on understanding of application, application risk and business context, and results of checks performed.
  • Work alongside with the cybersecurity community and application teams.
  • Explore process, reporting and improvement in techniques
  • Ability to collaborate with other penetration teams to align in knowledge, tools and techniques

Skills

  • Security Web, Mobile, API, Cloud and Container, Thick Client, Network, Operating System etc.
  • Applications Development & Delivery
  • Understanding or experience on any of the following is an advantage:
  • Cloud Security Assessment and Security Audits of Cloud Environment
  • Vulnerability Management (Process, Tools and Metrics)
  • NIST Cybersecurity Framework
  • Critical Security Controls (CSC)
  • Expertise in DevSecOps methodologies is also an advantage.

Knowledge

  • Pentest standards and methodologies, OWASP, SANS etc.
  • Subject matter expert in web/mobile/thick client/API assessments
  • Good understanding of server vulnerabilities (Linux, Windows) and hardening
  • Familiarity with cloud platforms, and cloud container security
  • Efficient and effective usage of pentest tools as well as demonstrate less dependency on tools.
  • Experience with automation, scripting (Python, Perl, Ruby, etc.)
  • Proactive interest in emerging technologies (e.g. Offensive AI) and techniques related to penetration testing
  • Ability to translate technical security topics in a business-friendly manner
  • DevSecOps implementation and supporting security tooling (SAST)

Experience & Certification

  • Min 3+ years of experience in penetration testing of Web, Mobile (iOS & Android), API, Thick client & Network.
  • Certifications - OSCP, OSCE, GPEN, GXPN, GICSP, GWAPT, OSWP, etc.
  • Azure / AWS security certifications is a plus.
  • CISSP, CEH also a plus

Behaviors and Competencies

  • Strong written and verbal communication skills, with a proven ability to communicate with technical staff, as well as project teams, so security risks are understood in business terms
  • Keep pace with standards and technologies related to security
  • Requirements Gathering and Analysis
  • Interpersonal Skills, proactiveness

Services you might be interested in

Improve Your Resume Today

Boost your chances with professional resume services!

Get expert-reviewed, ATS-optimized resumes tailored for your experience level. Start your journey now.

getmereferred logo Know more