5+ Burp suite Jobs in Bangalore (Bengaluru) | Burp suite Job openings in Bangalore (Bengaluru)

Job Description:

We are looking for a skilled Ethical Hacker (Penetration Tester) who will be responsible for identifying vulnerabilities in systems, networks, and applications before malicious hackers can exploit them. The role involves conducting security assessments, penetration testing, and recommending security improvements to strengthen the organization’s cybersecurity posture.

Key Responsibilities

·      Conduct penetration testing on web applications, mobile applications, APIs, and networks.

·      Identify security vulnerabilities and weaknesses in systems and infrastructure.

·      Perform vulnerability assessments using automated tools and manual techniques.

·      Simulate cyberattacks to evaluate the effectiveness of existing security measures.

·      Prepare detailed security reports highlighting risks, vulnerabilities, and remediation strategies.

·      Collaborate with development, DevOps, and IT teams to fix security gaps.

·      Ensure compliance with security standards and frameworks such as OWASP, ISO 27001, and NIST.

·      Conduct security audits and risk assessments across digital platforms.

·      Stay updated on the latest hacking techniques, security vulnerabilities, and cyber threats.

Required Skills & Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
• 4+ years of experience in ethical hacking, penetration testing, or cybersecurity.
• Strong knowledge of network security, system security, and application security.
• Experience with security tools such as:
• Burp Suite
• Metasploit
• Nmap
• Wireshark
• Kali Linux
• Knowledge of OWASP Top 10 vulnerabilities.
• Understanding of Linux, Windows, and cloud security environments.
• Strong analytical and problem-solving skills.

Preferred Certifications

• CEH (Certified Ethical Hacker)
• OSCP (Offensive Security Certified Professional)
• CompTIA Security+
• CISSP (optional but valuable)

Key Competencies

• Cybersecurity risk assessment
• Vulnerability management
• Penetration testing methodologies
• Incident response awareness
• Strong documentation and reporting skills

Nice to Have

• Experience in cloud security (AWS, Azure, GCP)

About the role:

We are looking for a skilled and driven Security Engineer to join our growing security team. This role requires a hands-on professional who can evaluate and strengthen the security posture of our

applications and infrastructure across Web, Android, iOS, APIs, and cloud-native environments.

The ideal candidate will also lead technical triage from our bug bounty program, integrate security into the DevOps lifecycle, and contribute to building a security-first engineering culture.

Required Skills & Experience:

● 3 to 6 years of solid hands-on experience in the VAPT domain

● Solid understanding of Web, Android, and iOS application security

● Experience with DevSecOps tools and integrating security into CI/CD

● Strong knowledge of cloud platforms (AWS/GCP/Azure) and their security models

● Familiarity with bug bounty programs and responsible disclosure practices

● Familiarity with tools like Burp Suite, MobSF, OWASP ZAP, Terraform, Checkov..etc

● Good knowledge of API security

● Scripting experience (Python, Bash, or similar) for automation tasks

Preferred Qualifications:

● OSCP, CEH, AWS Security Specialty, or similar certifications

● Experience working in a regulated environment (e.g., FinTech, InsurTech)

Responsibilities:

● Perform Security reviews, Vulnerability Assessments & Penetration Testing for Web,

Android, iOS, and API endpoints

● Perform Threat Modelling & anticipate potential attack vectors and improve security

architecture on complex or cross-functional components

● Identify and remediate OWASP Top 10 and mobile-specific vulnerabilities

● Conduct secure code reviews and red team assessments

● Integrate SAST, DAST, SCA, and secret scanning tools into CI/CD pipelines

● Automate security checks using tools like SonarQube, Snyk, Trivy, etc.

● Maintain and manage vulnerability scanning infrastructure

● Perform security assessments of AWS, Azure, and GCP environments, with an emphasis

on container security, particularly for Docker and Kubernetes.

● Implement guardrails for IAM, network segmentation, encryption, and cloud monitoring

● Contribute to infrastructure hardening for containers, Kubernetes, and virtual machines

● Triage bug bounty reports and coordinate remediation with engineering teams

● Act as the primary responder for external security disclosures

● Maintain documentation and metrics related to bug bounty and penetration testing

activities

● Collaborate with developers and architects to ensure secure design decisions

● Lead security design reviews for new features and products

● Provide actionable risk assessments and mitigation plans to stakeholders

3+ years of experience in cybersecurity, with a focus on application and cloud security.

· Proficiency in security tools such as Burp Suite, Metasploit, Nessus, OWASP ZAP, and SonarQube.

· Familiarity with data privacy regulations (GDPR, CCPA) and best practices.

· Basic knowledge of AI/ML security frameworks and tools.

Cybersecurity Analyst – Job Description

Responsibilities:

• Monitor and respond to security incidents across networks and systems.
• Conduct vulnerability assessments and penetration testing.
• Implement and manage security tools like firewalls, IDS/IPS, and antivirus.
• Ensure compliance with security standards (e.g., ISO 27001, NIST).
• Prepare reports and recommend mitigation strategies.

Tools Often Used:

• Nessus for vulnerability scanning.
• Metasploit for exploit development and testing.
• Burp Suite and OWASP ZAP for web application security testing.

• OWASP Secure Code review,• Basic programing knowledge in any programming language and knowledge on secure development practices.
• OWASP TOP 10 vulnerabilities and their mitigations
• Hands on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux , etc.
• Understand/modify exploit code and find logical security flaws in applications
• Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
• To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.