CrawlJobs Logo

Web application penetration testing

https://www.randstad.com Logo

Randstad

Location Icon

Location:
India, Bengaluru

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs and mobile applications. Working location: Bangalore/Pune

Requirements:

  • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs and mobile applications
  • 3+ years of professional experience in cybersecurity, with a focus on Web application penetration testing
  • Strong understanding of web applications, cryptography, various operating systems and security technologies
  • Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc.
  • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis
  • Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred

Nice to have:

  • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis
  • Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred

Additional Information:

Job Posted:
December 17, 2025

Expiration:
December 19, 2025

Work Type:
On-site work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Web application penetration testing

Application Penetration Tester

We are looking for security engineer who loves solving interesting problems and ...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of combined experience in penetration testing and security engineering roles
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
  • Attacker mindset for breaking the websites with practical knowledge of OWASP
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • In depth experience with common automated VAPT tools such as Nessus, Burp Suite
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
  • Fluent English (both verbal and written)
Job Responsibility
Job Responsibility
  • Black-box and Grey Box penetration test applications
  • Security testing including reverse engineering of Mobile applications (Android and iOS)
  • Create innovative attacks tools/automations for project specific needs
  • Communicate complex vulnerability results to technical and non-technical audience
  • Perform research and contribute to open-source community on new attack methodology, vulnerability findings
  • Scope penetration tests and contribute to penetration test project management
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

IT Security Specialist

Amla Commerce is looking for an experienced IT Security Specialist to join our t...
Location
Location
United States , Milwaukee
Salary
Salary:
Not provided
amla.io Logo
Amla Commerce
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a related field
  • Minimum 2 Years of relevant work experience
  • Proven experience in infrastructure security, manual penetration testing, vulnerability assessment, and web application security
  • Strong knowledge of penetration testing tools and frameworks, including Burp Suite, Owasp Zap, and Metasploit Framework
  • Familiarity with OWASP Top 10 vulnerabilities and best practices for securing web applications
  • Experience with IDS/IPS tools for monitoring and preventing intrusions
  • Familiarity with wireless/Wi-Fi security protocols, encryption standards, and best practices
  • Knowledge of network and system security protocols, technologies, and best practices
  • Strong problem-solving skills and ability to think strategically about security risks and solutions
  • Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams and stakeholders
Job Responsibility
Job Responsibility
  • Conduct manual penetration testing of infrastructure systems, networks, and applications to identify security vulnerabilities and potential risks
  • Utilize various penetration testing tools such as Nmap, Nessus, Burp Suite, Owasp Zap, and Metasploit Framework to identify and exploit vulnerabilities
  • Perform vulnerability assessments using both manual approaches and vulnerability assessment and penetration testing (VAPT) tools like Nessus, OpenVAS, and Qualys
  • Collaborate with the development team to enhance the security of web applications by implementing secure coding practices and addressing OWASP Top 10 vulnerabilities
  • Configure and manage web application firewalls (WAF) to protect against common web-based attacks
  • Implement and maintain infrastructure firewalls, ensuring that proper configurations are in place to protect the network and systems from unauthorized access
  • Manage IP access control lists and handle blocking/unblocking requests as per security policies
  • Ensure compliance with SOC (Security Operations Center) standards and participate in audits and assessments
  • Provide end user system security by deploying and managing antivirus solutions, conducting security awareness training, and responding to security incidents
  • Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices to proactively identify potential risks and recommend mitigation strategies
Read More
Arrow Right

Cybersecurity Red Team Project Manager

The Cyber Security Project Manager focuses on coordinating penetration testing p...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Technical expertise in system security vulnerabilities, remediation techniques, and network/web protocols (e.g., TCP/IP, UDP, IPSEC, HTTP)
  • experience in network, web application, and mobile penetration testing
  • familiarity with penetration testing tools and suites (e.g., Kali Linux, Burp Suite, Metasploit, Cobalt Strike, Mimikatz)
  • understanding of vulnerability scoring systems (CVSS) and frameworks (MITRE ATT&CK)
  • software development skills (C/C++, Java, Python) are advantageous
  • at least one relevant security certification (e.g., CEH, GPEN, GXPN, OSCP, OSC, or equivalent).
Job Responsibility
Job Responsibility
  • Coordinate all project activities with internal stakeholders (Lead Penetration Tester, Awareness Expert, Technical Quality Manager) and the customer
  • plan and execute penetration testing tasks, including scoping meetings and drafting the penetration testing plan
  • prepare and control access rights for penetration tests
  • refine and manage the security test calendar/schedule, ensuring tasks are executed according to plan
  • proactively inform stakeholders (e.g., ECB) about issues such as delays, resource unavailability, or other factors affecting testing or timelines
  • oversee quality assurance for penetration tests, including reviewing penetration testing reports
  • coordinate threat-based testing with the Lead Penetration Tester and awareness sessions with the Awareness Expert
  • support process improvement and documentation of vulnerability management in collaboration with the Technical Quality Manager
  • facilitate stakeholder communication and ensure completeness of handovers and knowledge transfer between resources.
What we offer
What we offer
  • Mobility options (including a company car)
  • insurance coverage
  • meal vouchers
  • eco-cheques
  • continuous learning opportunities through the Sopra Steria Academy
  • the opportunity to connect with fellow Sopra Steria colleagues at various team events.
  • Fulltime
Read More
Arrow Right

Application Security Engineer

We are expanding our team to include a Security Engineer to be 100% focused on o...
Location
Location
United States
Salary
Salary:
175000.00 USD / Year
corporatetools.com Logo
Corporate Tools
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Solid fundamentals in webapp and network pentesting (2+ years)
  • 4+ years of professional experience in Ruby on Rails or equivalent and Vue or a Frontend equivalent framework
  • Experience with Linux and cloud environment testing
  • Understanding of security issues for desktop, virtual, cloud services and network infrastructures
  • Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Experience with secure network protocols and encryption of communications between networked hosts
  • Experience in IT systems and security policies, standards, industry trends, and techniques
  • Experience with assessing APT threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threat Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and/or verification of new APT TTPs
  • Fundamental understanding of security knowledge of testing mobile, native applications, web applications, distributed and database systems
  • Must be detail-oriented and possess strong problem-solving skills and ability to analyze for potential future issues
Job Responsibility
Job Responsibility
  • Understand and safely use various open source penetration testing tools and when appropriate, emulating hacker tactics, techniques, procedures
  • Create security vulnerability reports for both technical and executive audiences
  • While in-between assessments, you will be expected to help our security engineers think through solutions to problems you find
  • Automate tasks and script at a basic level to enhance penetration testing processes
  • Passion for learning new technologies and processes, and contributing to refining existing capabilities
  • Communicate with stakeholders (technical and non-technical), both verbal and written
  • Stay up to date on 0 day exploits for tech stacks we use
What we offer
What we offer
  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance
  • Open concept office with friendly coworkers
  • Creative environment where you can make a difference
  • Trail Mix Bar
  • Fulltime
Read More
Arrow Right
New

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
Job Responsibility
  • Scoping and executing of complex penetrations test across a wide scope of technologies, products, services, and applications and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Red Team Engineer

As we continue to scale and grow, we are looking for an experienced Red Team Eng...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
iproov.com Logo
iProov
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in ethical hacking, vulnerability research, exploit development, penetration testing or being a member of a red team, with significant focus on web application security
  • Strong hands-on experience attacking and defending modern web tech stacks
  • Experience with JavaScript/Typescript
  • Proficient with offensive web toolsets (Burp Suite, OWASP ZAP) and experienced building extensions/scripts
  • Experience with developing and maintaining web-focused tooling and automation (Burp extensions, custom scanners, authenticated API fuzzers, GraphQL mutation explorers, Puppeteer/Playwright scripts)
  • Experience with source code reviewing for control flow and security flaws
  • A passion for constructively break things
  • Want to be part of an ambitious, high-growth startup company
  • Written and verbal communication skills in English
Job Responsibility
Job Responsibility
  • Design and execute Red Team Operations against iProov’s biometric platform, web apps, APIs, identity flows
  • Strengthen the company’s security posture through offensive security assessments including the identification and exploitation of vulnerabilities across the web platform
  • Perform penetration testing and realistic security exercises to simulate various attack scenarios, to test and improve our detection and response capabilities, and to identify weaknesses in our infrastructure and products
  • Execute technical security assessments to identify risk, likelihood and impact an attacker may have on the System due to weak or missing controls
  • Conduct research into real-world threat actor tactics, techniques, and procedures (TTP’s) to develop proof-of-concept tools and replicate real world attacks
  • Present findings and operational work to groups in a clear and professional manner
  • Produce clear, actionable reports, risk-ranked remediation plans, and executive summaries aimed at product and engineering stakeholders
  • Collaborate with defenders, product teams, and leadership to translate findings into prioritized, actionable remediation and risk reduction
  • Bring insight into all aspects of modern security issues to our products and rapidly developing prototypes for mitigations
  • Mentor engineers in secure-by-design patterns, client-side security, and secure API design
What we offer
What we offer
  • 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service)
  • Growth Shares allocated after passing probation (6 months of service)
  • Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme
  • Nursery Sacrifice Scheme
  • Work Overseas Perk - Work globally for up to 2 weeks
  • Life Assurance
  • SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family
  • Award winning L&D platform with personal allocated training budgets
  • Benefit from personalized 1:1 career coaching with our in-house Occupational Psychologist
  • Enhanced paid family leave
  • Fulltime
Read More
Arrow Right

Senior Security Software and System Engineer

As part of our HPE Operations Cybersecurity Lab the Senior Security Engineer wil...
Location
Location
Puerto Rico , Aguadilla
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent
  • Typically 6-10 years experience
  • Extensive experience with multiple software systems design tools and languages
  • Excellent analytical and problem solving skills
  • Experience in overall architecture of software systems for products, solutions and IT systems
  • Designing and integrating software systems running on multiple platform types into overall architecture
  • In-depth Cyber and IT security knowledge
  • Solid knowledge of security fundamentals and general security technologies, including: network security controls (firewalls, VPNs, IPSec, IDS/IPS), secure code, physical security, cryptography, authentication, identity management, network communication ports and protocols, etc.
  • Experience in Penetration testing with tools
  • Experience with Web Application Security Testing (Tools: Burp, OWASP ZAP etc.)
Job Responsibility
Job Responsibility
  • Leads multiple security and automation project teams of other software systems engineers and internal and outsourced development partners responsible for all stages of design and development for security solutions for complex products and platforms, including solution design, analysis, coding, testing, and integration
  • Design, develop, test, and maintain robust, scalable, and high-quality security and software solutions
  • Bring relevant subject matter expertise on application and systems security strategy, architecture and roadmaps, review application architectures, code and system services from a security perspective
  • Manages and expands relationships with internal and outsourced development partners on software systems design and development
  • Reviews and evaluates designs and project activities for compliance with secure systems design and development guidelines and standards
  • provides tangible feedback to improve product security and mitigate failure risk
  • Provides security domain-specific expertise and overall software systems leadership and perspective to cross-organization projects, programs, and activities
  • Direct and coordinate the implementation of test automation and other test tools (security)
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy