Penetration Tester (Android)

**· 5+ years' experience in Penetration testing, including 2+ year experience in Android and 1+ year experience in Web Application.Certification related to Android platform : OSCP (Offensive Security Certified Professional), eMAPT Certification (The Mobile Application Penetration Tester (eMAPT) certification)Role and *· Develop expertise in our product solutions, deep diving into design/architecture, & execute white box and black box penetration scenarios.· Plan, scope and conduct vulnerability assessment/ Penetration test on internal / external facing public assets such as Web application, Android platform, Android Apps, Backend APIs, and Cloud services.· Research & and conduct adversary simulation for known security threats and identify novel attack vectors to test a system's relative security readiness.· Conduct Threat modelling, Threat Intelligence and scoping with stakeholders.· Assist in creating and maintaining internal penetration testing and practice within QA team, managing vulnerabilities and tracking until closure.· Build Test harness & required Automation suites and validate attack vectors in Threat Lab.· Co-ordinate with program management, security architects at Internal & offshore sites.· Stays up to date on current tools, technologies, and vulnerabilities to incorporate into testing practices.· Research and developing exploits for zero-day vulnerabilities.· Conduct penetration test on IOT and Firmware Devices.SkillsNecessary Skills and *· Self-motivated individual with the ability to thrive in a team-based or independent environment.· Detail-oriented with strong organization skills.· Ability to work in a fast-paced environment.· Limited supervision and the exercise of discretion.· Blog post on security research, CVEs, walkthroughs or PoCs on security domain is a plus.EducationRequired Experience and *· 5+ years' experience in Penetration testing, including 2+ year experience in Android and 1+ year experience in Web Application.· Degree in Cyber Security or Security relevant disciplines is a plus.· Certifications in offensive **** OSCP or OSWA or OSWE or CRTO or BSCP or similar is a plus.· Comprehensive knowledge in Information Security practices on malware, phishing attacks, attack vectors and methods to protect against threats.· Extensive Knowledge in Java, python or any relevant programming language.· Malware development or reverse engineering experience is a plus.

Created: 2025-03-08