Full-Time Penetration Tester (OWASP, Burp Suite)
NECSWS is hiring a remote Full-Time Penetration Tester (OWASP, Burp Suite). The career level for this job opening is Experienced and is accepting Mumbai, India based applicants remotely. Read complete job description before applying.
NECSWS
Job Title
Penetration Tester (OWASP, Burp Suite)
Posted
Career Level
Full-Time
Career Level
Experienced
Locations Accepted
Mumbai, India
Share
Job Details
We are seeking a talented and motivated Application Penetration Tester to join our growing security team.
Responsibilities will include:
- Plan and execute penetration testing engagements for web applications, APIs, mobile applications, thick clients, infrastructure and cloud penetration testing.
- Identify and exploit vulnerabilities in applications using manual and automated testing techniques.
- Document findings in detail, including proof-of-concept exploits and recommendations for remediation and report writing skills.
- Collaborate with development and security teams to remediate vulnerabilities and improve application security.
- Stay up-to-date on the latest hacking techniques, vulnerabilities, and security tools.
- Participate in security code reviews and provide guidance on secure coding practices.
- May assist with developing and maintaining internal security tools and processes.
Experience Essential:
- Experience using a formal application penetration testing methodology such as Open-Source Security Testing Methodology Manual (OSSTMM) or Penetration Testing Execution Standard (PTES).
- Experience using Kali Linux including bundled penetration testing tools (Nmap, Wireshark, OWASP ZAP, Sqlmap, Metasploit).
- Experience using Burp Suite for application penetration testing.
- Knowledge of scripting and programming languages (e.g., Python, Ruby, Bash, Powershell) for custom tool development and automation.
- Familiarity with various operating systems and network structures, including client/server, Unix/Linux systems, Mac OS X, VMware/Xen, Virtual Box and cloud technologies such as AWS, Azure, or Google Cloud and Active Directory.
- Understanding of common application issues and remediation techniques, OWASP Top 10.
- Understanding of secure development practices within a secure software development lifecycle, experience of Waterfall, Agile and DevOps / DevSecOps practices.
- Hold at least one recognised application penetration testing certification, e.g. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), CompTIA PenTest+.
- Can produce high quality documentation including test reports and best practice guidance.
- Good Interpersonal, written and verbal communication skills.
Desirable:
- Working knowledge of threat modelling methodologies to conduct threat-modelling against new applications and services.
- Familiarity with compliance & security standards across the enterprise IT landscape such as ISO 27001 and NCSC Cyber Essentials, as well industry security requirements such as NIST and CIS.
FAQs
What is the last date for applying to the job?
The deadline to apply for Full-Time Penetration Tester (OWASP, Burp Suite) at NECSWS is
28th of December 2025
. We consider jobs older than one month to have expired.
Which countries are accepted for this remote job?
This job accepts [
Mumbai, India
] applicants. .
Related Jobs You May Like
VAPT Application Penetration Tester
Chennai, India
4 days ago
Network Security
OWASP
Penetration Testing
Sutherland
Full-Time
Experienced