Penetration Tester, Security Testing

SutiSoft Pvt. Ltd. is a leading provider of cloud-based business solutions, empowering organizations to streamline operations and enhance productivity. We specialize in developing and delivering innovative software across various domains, including expense management, HR solutions, and e-signature platforms. Role Overview : As a Security/Penetration Tester at SutiSoft, you will play a crucial role in safeguarding our applications and infrastructure from potential threats. You will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and providing actionable recommendations to enhance our security posture. This role involves collaborating closely with development, operations, and security teams to ensure the secure development and deployment of our applications. Your work will directly contribute to protecting our customers' data and maintaining the integrity of our services. Conduct penetration testing and vulnerability assessments on web applications, mobile applications, APIs, and network infrastructure to identify security weaknesses.- Analyze security findings and provide clear, concise, and actionable recommendations to development teams for remediation.- Develop and maintain security testing methodologies, tools, and scripts to automate and improve the efficiency of security assessments.- Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices to proactively identify and mitigate potential risks.- Collaborate with development teams to integrate security into the software development lifecycle (SDLC) and promote secure coding practices.- Perform code reviews to identify security flaws and vulnerabilities in source code.- Conduct security research and contribute to the development of security policies and standards.- Participate in incident response activities and provide support for security investigations. Required Skillset : - Bachelor's degree in Computer Science, Information Security, or a related field.- 0-3years of hands-on experience in web application penetration testing.- Demonstrated ability to perform penetration testing and vulnerability assessments on web applications, mobile applications, and APIs.- Strong understanding of application security principles, OWASP top 10 vulnerabilities, and common attack vectors.- Proficiency in using security testing tools such as Burp Suite, OWASP ZAP, Metasploit, and Nmap.- Familiarity with cloud security concepts and technologies, including AWS, Azure, and GCP.- Knowledge of network security protocols and technologies, including TCP/IP, SSL/TLS, and firewalls.- Ability to analyze security findings and communicate technical information effectively to both technical and non-technical audiences.- Experience with reverse engineering and static/dynamic analysis is a plus.-