Senior Penetration Tester

Position Title

Senior Penetration Tester

Location

Noida, Uttar Pradesh (Office-based)

Compensation

• Salary: INR 125,000 per month
• Performance Bonus: INR 50,000 (quarterly)

Experience

8+ years of relevant experience

Role Overview

We are seeking a highly experienced Senior Penetration Tester to join our cybersecurity team in Noida. This is an office-based role requiring deep hands-on expertise in penetration testing across large and complex enterprise environments. The ideal candidate will possess strong technical skills, a structured approach to security assessments, and the ability to produce clear, actionable, and executive-ready reports. A working understanding of SOC, SIEM, and SOAR operations is also required to ensure alignment between offensive security findings and defensive security capabilities.

Key Responsibilities

• Execute end-to-end penetration testing engagements across large-scale assets, including networks, web applications, APIs, mobile applications, cloud environments, and internal infrastructure.
• Perform advanced vulnerability assessments, threat modelling, and exploitation activities to identify high-risk security gaps.
• Use industry-standard and custom tools to conduct manual and automated testing, ensuring depth and accuracy of findings.
• Analyse results, validate vulnerabilities, assess business impact, and prioritize risks based on real-world exploitability.
• Prepare comprehensive, high-quality penetration testing reports, including technical details, risk ratings, proof of concept, and clear remediation guidance.
• Present findings to technical teams, SOC analysts, and senior stakeholders in a clear and professional manner.
• Collaborate with SOC teams to align penetration testing outcomes with detection, response, and monitoring use cases.
• Demonstrate understanding of SIEM and SOAR platforms, including how alerts, playbooks, and response workflows can be enhanced based on penetration testing insights.
• Stay current with emerging threats, attack techniques, vulnerabilities, and security best practices.

Required Skills and Qualifications

• Minimum of 8 years of hands-on experience in penetration testing in large enterprise or complex environments.
• Strong practical experience with critical penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Qualys, OpenVAS, SQLmap, Nikto, and similar frameworks.
• Proven expertise in manual testing techniques beyond automated scanning.
• Strong understanding of network security, operating systems, web technologies, APIs, and cloud security concepts.
• Hands-on experience in writing detailed, structured, and professional penetration testing reports.
• Solid understanding of SOC operations, SIEM platforms (e.g., Splunk, QRadar, Sentinel), and SOAR concepts and workflows.
• Ability to map offensive security findings to detection and response capabilities.
• Excellent verbal and written communication skills; fluency in English is mandatory.

Preferred Qualifications

• Relevant security certifications such as OSCP, OSCE, OSEP, GWAPT, CRTO, or equivalent.
• Experience working closely with blue teams or in purple team engagements.
• Exposure to compliance-driven testing (e.g., ISO 27001, PCI DSS) is an advantage.

Key Competencies

• Strong analytical and problem-solving skills
• Attention to detail and structured documentation approach
• Ability to work independently and lead complex engagements
• Professional communication with both technical and non-technical stakeholders