View job on Handshake


  • Make test plan for targets under security evaluation.
  • Discover vulnerabilities or weaknesses in websites or products.
  • Write Proof of Concept exploits for vulnerabilities.
  • Work with development team to fix the discovered vulnerabilities.
  • Analyze/Investigate new attacks, attack surfaces.
  • Stay up to date on the latest attack/exploitation techniques.


  • At least 3 years of experience in Cyber Security or Vulnerability Research.
  • Penetration testing web application and attack analysis experience using tools including Burp Suite, Fiddler, Metasploit, etc.
  • Experience in writing Proof of Concept exploits for vulnerabilities.
  • Familiar with Top Web Application Security Risks/Vulnerabilities and attack techniques in MITRE ATT&CK matrix
  • Solid knowledge of web programming languages and Experience in writing code in PHP, Java, JavaScript and/or Python.
  • Familiar with Database languages.
  • Familiar with popular Web Server software (e.g. Nginx, Apache, IIS) and Web Application Frameworks.
  • Knowledge of OS Internals & networking protocols such as TCP/IP, DNS, HTTP, etc.
  • Self-directed, Self-motivated with the ability to work with minimal supervision and be Productive.
  • Good communication skills and a team player.
  • Proven analytical and problem solving skills and out-of-the-box thinking.
  • CTF, Bug-Bounty or proven public records of Vulnerability Discovery (e.g. CVEs) is a strong plus.


  • Bachelor or Master of Computer Science or Computer Engineering.

Please note, we are currently operating in a hybrid working environment which calls for a blend of on-site and remote work.


If you have any further questions about this role, please contact Bhavya directly at