4+ Nmap Jobs in India

Senior Penetration Tester

Experience: 2–5 years

Industry: EdTech / SaaS

Role Summary:

We are looking for a Penetration Tester to identify and remediate security vulnerabilities in our EdTech platforms including LMS, ERP, web apps, mobile apps, and APIs.

Key Responsibilities:

Perform VAPT on web, mobile, API, and cloud systems

Identify vulnerabilities using OWASP standards

Prepare security reports and remediation guidance

Re-test fixes with development teams

Skills Required:

Web & API security (OWASP Top 10)

Tools: Burp Suite, Nmap, Nessus, Metasploit

Basic scripting (Python/Bash)

Understanding of cloud security basics

Preferred:

EdTech or SaaS experience

Certifications: CEH / OSCP

We are seeking an experienced Cloud Penetration Tester to assess and secure our AWS, Azure, and GCP environments. You will simulate real-world cyber-attacks on cloud infrastructure, SaaS platforms, and APIs to identify security weaknesses and help engineering teams strengthen cloud defenses.

🔐 Key Responsibilities

• Conduct cloud penetration testing across AWS, Azure, and GCP
• Identify misconfigurations, exposed services, IAM weaknesses, and attack paths
• Perform web, API, and SaaS application security testing
• Test IAM roles, policies, authentication, and authorization controls
• Perform SSRF, token theft, and cloud metadata attacks
• Assess S3, Azure Blob, and Cloud Storage security
• Test Kubernetes clusters, containers, and CI/CD pipelines
• Simulate real-world attacker techniques and lateral movement
• Produce clear, actionable vulnerability reports with remediation guidance
• Work with DevOps and Engineering teams to improve cloud security

🛠️ Required Skills

☁️ Cloud Platforms

• AWS (IAM, EC2, S3, RDS, Lambda)
• Azure (Azure AD, VMs, Storage Accounts)
• GCP (IAM, Compute Engine, Cloud Storage)

🔓 Offensive Security

• Cloud tools: Pacu, ScoutSuite, CloudMapper, Stormspotter
• Web & API testing: Burp Suite, Nuclei, OWASP ZAP, SQLmap
• Exploitation: Metasploit, Sliver, Cobalt Strike (or equivalent)
• Privilege escalation: LinPEAS, WinPEAS, GTFOBins

🧪 DevSecOps & Containers

• CI/CD security (GitHub, GitLab, Jenkins)
• Secrets scanning (Gitleaks, TruffleHog)
• Container & Kubernetes security (Trivy, Kube-Hunter)

🎓 Preferred Qualifications

• Certifications: OSCP, CEH, CRTO, AWS Security Specialty
• Experience in Red Team, Bug Bounty, or Cloud Security Operations
• Knowledge of MITRE ATT&CK for Cloud
• Experience with SOC2, ISO 27001, or PCI-DSS environments

This profile will include following responsibilities:

- Perform Web Application Security Testing

- Scan Network for Security Vulnerabilities

- Create detailed security report

- Research on Open source security tools & new security topics

Role & Responsibilities:

• Plan and execute Security Assessment Strategy
• Proactively implement security measures
• Implement tools to Monitor and Report Security violations
• Govern security specification guidelines adherence across product and organization

Skills & Qualification:

• IIT, BE or B Tech
• 4+ years of relevant work experience
• Expert in Application Information Security, VAPT
• Proficient using tools like BURP, NMAP, KALI etc.
• Good understanding of web technologies, APIs and mobile app development practices
• CEH certification preferred