Application Penetration Tester (APT)

We are seeking a skilled Application Penetration Tester (APT) with hands-on experience in Web, Mobile, and API security testing. The ideal candidate will be responsible for identifying vulnerabilities, performing detailed security assessments, and collaborating with development and operations teams to strengthen the overall security posture of the organization.

• Conduct manual and automated penetration testing for web, mobile, and API-based applications.
• Utilize tools such as BurpSuite, OWASP ZAP, Postman, and other security frameworks for testing and analysis.
• Identify, exploit, and document vulnerabilities with clear technical and business impact.
• Prepare MIS reports, test summaries, and technical documentation for all conducted assessments.
• Collaborate with development teams to provide remediation guidance and verify fixes.
• Stay updated on the latest security threats, trends, and best practices in application security.
• Ensure compliance with OWASP Top 10, SANS25, and other standard security benchmarks.
• Participate in security audits, code reviews, and red team exercises when required.

• Strong understanding of Web/Mobile/API penetration testing methodologies.
• Proficiency in BurpSuite, and familiarity with tools like OWASP ZAP, Nmap, Metasploit, and Postman.
• Knowledge of vulnerability assessment frameworks and secure coding practices.
• Experience in preparing and maintaining MIS reports related to security testing.
• Solid understanding of OWASP Top 10, SANS25, and CWE vulnerabilities.
• Ability to analyze findings and provide clear mitigation strategies.

• CEH (Certified Ethical Hacker)
• OSCP (Offensive Security Certified Professional)
• LPT (Licensed Penetration Tester)
• CEPT (Certified Expert Penetration Tester)
• SANS25 GIAC Certifications

• Bachelors degree in Computer Science, Information Technology, Cyber Security, or a related field.
• Advanced degrees or certifications in Information Security will be an added advantage.