Job Description

GSPANN is hiring a Penetration Testing & Offensive Security Engineer to conduct in-depth application security testing and offensive security assessments. The role focuses on identifying, exploiting, and reporting vulnerabilities while supporting remediation and risk reduction.

Role and Responsibilities

  • Lead scoping calls to confirm testing timelines, prerequisites, and overall test readiness.
  • Execute penetration tests using Burp Suite Pro, supported Invicti scans, and custom-built scripts.
  • Identify, exploit, and document vulnerabilities with clear Proof of Concept (PoC) and post-exploitation analysis.
  • Configure and run Dynamic Application Security Testing (DAST) scans while maintaining test plans, scripts, and reports.
  • Prepare detailed technical and executive-level reports in client-approved formats and conduct walkthroughs with application teams.
  • Create remediation tickets in Jira, validate fixes, perform retesting, and close findings with supporting evidence.
  • Upload assessment reports and findings to Apiiro, manage the vulnerability lifecycle, and track remediation against defined Service Level Agreements (SLAs).

Skills and Experience

  • 6-8 years of experience in offensive security, Vulnerability Assessment and Penetration Testing (VAPT), or application penetration testing.
  • Hands-on expertise with Burp Suite Pro, Invicti, and OWASP testing tools.
  • Strong experience in Application Programming Interface (API) testing using tools such as Postman.
  • Proven ability to produce high-quality security reports and communicate findings effectively to technical and business stakeholders.
  • Working knowledge of OWASP Application Security Verification Standard (ASVS), Mobile Application Security Verification Standard (MASVS), and OWASP Top 10 vulnerabilities.