Talentxo
Security, Software Testing

Test Engineer (Ethical Hacking)

Posted Recently
Full-time

Overview

Seeking an experienced Test Engineer specializing in ethical hacking and penetration testing for web, mobile, and API applications. The role involves simulating real-world attacks, identifying critical vulnerabilities, and ensuring robust security for transaction-intensive systems, particularly in government and financial platforms.

What You'll Do

  • Perform hands-on penetration testing across web portals, mobile apps, and APIs with a focus on transaction-intensive platforms
  • Identify and help remediate critical vulnerabilities in government or PSU procurement/financial systems
  • Simulate fraud scenarios such as bid manipulation, price tampering, replay attacks, fake approvals, and maker-checker bypass
  • Test authentication, session/token security, API penetration, input manipulation, and business logic flaws
  • Highlight the business impact of exploits including financial loss, unfair deal awards, and reputational risk
  • Use advanced security tools like Burp Suite, OWASP ZAP, Kali Linux, and Metasploit, along with custom scripting for attack simulation

Requirements

  • 5+ years total experience, with minimum 3 years specifically in penetration testing and vulnerability assessment
  • Proven track record of identifying and remediating critical vulnerabilities in at least one government/PSU project or equivalent high-scale procurement/financial system
  • Strong hands-on experience in business logic testing and fraud simulation including bid manipulation, price tampering, replay attacks, and maker-checker bypass
  • Proficient in advanced security tools such as Burp Suite, OWASP ZAP, Kali Linux, Metasploit, and custom attack scripting
  • Deep understanding of e-procurement/marketplace fraud patterns (e.g., forged bids, multi-account collusion, transaction replay, audit trail manipulation)
  • Bachelor's degree in Engineering/IT (B.Tech/BE) or MCA
  • At least one advanced security certification: OSCP, OSWE, CEH Practical, or CREST

Who Should Apply

This role is ideal for a seasoned penetration tester with a strong background in application security and a proven ability to uncover business logic flaws and fraud patterns. Candidates must have hands-on experience with government or large-scale procurement systems and hold advanced security certifications like OSCP, OSWE, CEH Practical, or CREST.

Salary Insight

Open to discussion

Required Skills

api testing, consulting, itops & cyber security admin

Application Tip

Highlight any experience with government or PSU projects and fraud simulation scenarios in your resume and cover letter to stand out.
