Security_testing

We are #Hiring: #Security_testing

Job Title : #Security_testing

Location : Chennai - ( Hybrid )

Total Yrs. of Experience : 4 to 7 Years

️ Duration: Contract to Hire (C2H)

Notice Period: Immediate Joiners to 30 Days

Job description*:

Security Tester (Penetration Testing Specialist) with strong expertise in Burp Suite, vulnerability management, and DevSecOps practices.

The candidate will be responsible for identifying, assessing, and mitigating security risks across applications and infrastructure

#Key Responsibilities:

• Perform Application Security Testing (Web/API) using tools such as Burp Suite

• Conduct manual and automated penetration testing to identify vulnerabilities

• Execute OWASP Top 10 validation and security assessments

• Manage end-to-end vulnerability lifecycle:

o Identification

o Risk assessment

o Reporting

o Remediation tracking

• Collaborate with development teams to integrate security in SDLC (DevSecOps model)

• Perform secure code review (preferred)

• Configure and monitor security scanning tools (DAST/SAST)

• Generate detailed security assessment reports with actionable recommendations

• Support compliance and audit activities (ISO, internal security standards if applicable)

#Required Skills & Expertise:

Core Security Skills

• Strong hands-on experience in:

o Penetration Testing (Web & API)

o Burp Suite (Pro preferred)

• Deep understanding of:

o OWASP Top 10 vulnerabilities

o Common attack vectors (XSS, SQL Injection, CSRF, SSRF, etc.)

Vulnerability Management

• Experience in:

o Vulnerability scanning tools (Qualys, Nessus, etc.)

o Tracking and remediation lifecycle

o Risk classification and reporting

DevSecOps

• Knowledge of integrating security tools in CI/CD pipelines

• Experience with tools such as:

o SAST/DAST tools

o Git, Azure DevOps / Jenkins pipelines

• Familiarity with shift-left security practices

#Preferred Skills:

• Experience in cloud security (Azure/AWS)

• Knowledge of container security (Docker/Kubernetes)

• Exposure to API security testing tools (Postman, Insomnia, etc.)

• Certifications (Good to have):

o CEH / OSCP / GWAPT / Security+

#Soft Skills:

• Strong analytical and problem-solving skills

• Ability to clearly communicate security risks to technical and non-technical stakeholders

• Experience working in Agile/Scrum environments

--

Thanks & Regards

P. Sona

Talent Acquisition

Burgeon IT Services Pvt.ltd.

Email : ,

Website:www.burgeonits.com

USA AUSTRALIA INDIA