5+ Nessus Jobs in India


Job Title: QA Tester – Security & Vulnerability Testing
Experience: 3+ Years
Location: Gurugram (6 Days WFO)
Job Summary:
We’re seeking a QA Tester with strong experience in Vulnerability and Security Testing.
The ideal candidate will perform manual and automated penetration testing, identify security flaws, and work closely with development teams to ensure secure, compliant applications.
Key Responsibilities:
- Perform vulnerability assessments on web, mobile, and cloud apps.
- Conduct tests for OWASP Top 10 issues (e.g., SQLi, XSS, CSRF, SSRF).
- Use tools like Burp Suite, OWASP ZAP, Metasploit, Kali Linux, Nessus, etc.
- Automate security testing and integrate with CI/CD (Jenkins, GitHub, GitLab).
- Test and secure APIs, including auth mechanisms (OAuth, JWT, SAML).
- Ensure compliance with ISO 27001, GDPR, HIPAA, PCI-DSS.
Requirements:
- 3+ Years in QA with a focus on Security/Vulnerability Testing.
- Experience in manual & automated security testing.
- Knowledge of scripting (Python, Bash, JS).
- Familiarity with cloud platforms (AWS, Azure, GCP).
- Bonus: Certifications like CEH, OSCP, Security+, etc.
Primary Skills:
- Experience with network vulnerability scanning and penetration testing
- Experience with Nessus, NetCat, NMAP, Backtrack, Metasploit, Wireshark, HPing, and similar tool sets such as RetinaCS, Qualys, McAfee (Foundstone)
- Knowledge of network security technology in the areas of firewall, IPS, VPN, and gateway security solutions (proxy, web filtering)
- In-depth understanding of the Common Vulnerabilities and Exposures (CVE) / CERT advisory databases
- Thorough and practical knowledge of OWASP
- Hands-on experience with popular application security tools – Nessus, Burp Suite, Netsparker, Metasploit, Kali Linux
- Working knowledge of manual testing of web applications
- Good knowledge of modifying and compiling exploit code
- Good understanding and knowledge of coding languages
- Practical experience in auditing various OS, DB, network and security technologies
- Microsoft Office – Word, Excel, PowerPoint
- OWASP Secure Code review
- Basic programming knowledge in any programming language and knowledge of secure development practices.
- OWASP TOP 10 vulnerabilities and their mitigations
- Hands-on experience with Web Application Security Testing tools (SAST & DAST) and penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit, QualysGuard, Kali Linux, etc.
- Understand/modify exploit code and find logical security flaws in applications
- Should have knowledge of and experience in Network Security, Application Security, Internet Security, and attack vectors.
- To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.
This profile will include the following responsibilities:
- Perform Web Application Security Testing
- Scan Network for Security Vulnerabilities
- Create detailed security report
- Research on Open source security tools & new security topics
- Create Security Knowledge base for the team

The candidate should be well versed in application security concepts and network scanning tools.
This profile will include the following responsibilities:
- Perform Web Application Security Testing
- Perform Mobile Application Security Testing
- Scan Network for Security Vulnerabilities
- Co-ordinate with the clients for Project related queries
- Undertake meeting with the client teams for discussing security issues and recommendations
- Create detailed security reports
- Keep track of project progress & send regular updates
- Research on Open source security tools & new security topics
- Create Security Knowledge base for the team

The candidate should be well versed in application security concepts, including the mitigation techniques:
- Web Application Security – OWASP Top 10
- Mobile Application Security – Mobile OWASP Top 10
- Threat Modelling
- Risk Rating Frameworks
- Web Traffic Interception (For Web/Mobile apps)
- SSL
- Network Concepts
- Web Development Basics - HTTP/HTML/JavaScript
- Basic Mobile Application Concepts (either Android or iOS)