Consultant offensive security penetration tester

Posted: July 7, 2021, 4:23 p.m. - Full Time - Anywhere in india

Consultant – Offensive Security (Penetration Tester) at NetSentries gets exciting opportunities to work with large enterprises to support them to meet their security and compliance needs. The role is part of Service Delivery function responsible for providing security services and supporting customers for their success in their security posture. We are seeking candidates with an achiever’s mindset seeking fast growth in technology-centric work environment and ample exposure to the latest in the industry to meet challenging customer requirements.

As a penetration tester you will have the opportunity to perform internal/external network-based, and web application-based security vulnerability assessments and penetration tests based upon General Security Controls, Payment Card Industry (PCI DSS), ISO 27000 and NESA standards. You will also perform penetration tests in accordance with industry-accepted methods and protocols.


  • Perform network-based security assessments

  • Perform security assessments on Internet-facing applications

  • Perform security assessments on software applications

  • Perform penetration tests across public networks

  • Perform penetration tests across internal networks

  • Perform assessments of wireless networks

  • Perform assessments of physical security using social engineering

  • Work as a team member on multiple engagements to perform technical software and environment testing

  • Perform security consultation projects to assist Client’s implement security controls

  • Consult with Client’s on approach and proper implementation of technical security controls

  • Develop testing scripts and procedures

  • Other security-related projects that may be assigned according to skills

  • Conducts penetration tests and vulnerability assessments against client infrastructure following a standard testing methodology using automated tools, ad-hoc tools, and manual testing.

  • Compile executive and technical reports and make recommendations to findings in a responsive fashion.

  • Conducts external and internal segmentation testing against client infrastructure.

  • Work on developing an internal framework for Penetration Testing with strong reporting capabilities by customizing Kali Linux and other open-source penetration testing tools.

  • Develop methodology documents and pre-engagement questionnaires for Penetration Testing and Vulnerability Assessment projects.

  • Thoroughly document exploit chain/proof of concept scenarios for client consumption.


  • 2-5 years of relevant work experience.

  • Ability to work methodically, independently, and prioritize work

  • Excellent communication skills (written & verbal) in English, must be able to present complex technical topics in a clear and structured way, ability to moderate discussions, meetings, and projects. Being able to assume the role as a trusted subject matter expert.

  • Strong technical knowledge in performing manual/ automated network security assessments using open-source and commercial security tools on various operating systems, applications, network and security infrastructure devices.

  • Excellent up-to-date technical and hands-on knowledge, experience in current attack methods, penetration testing methods, and hacking tools; especially for web applications, required.

  • A Desire to learn and to share knowledge.

  • Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25.

  • Hands-on experience in Kali Linux, Metasploit, Nexpose, Nmap, Burp, Paros, Nessus, Appscan, Core Impact and other relevant tools.

  • Programming experience in Python, PHP, Perl, Ruby, NET or other interpreted or compiled languages

  • Experience with reverse engineering, exploit development, mobile, and industrial control systems are a plus.

  • CEH/ECSA/OSCP or other security certifications are desirable

  • Flexibility and adaptability to work in a growing, dynamic, international team with a strong customer-oriented attitude

  • Willingness to travel extensively (domestic/international)

NetSentries is an emerging leader in the Cyber Threat Management space. NetSentries provides a portfolio of Security assessment, Control validation, Defensive, and Detective Security advisory to Enterprises. NetSentries is engaged with several business verticals like Banking and Finance, Oil and Gas, Retail, Manufacturing, and Healthcare to assess their current security posture and continuously improve resilience against targeted cyber-attacks. NetSentries works with several Banks and FinServ companies to improve Enterprise-wide security posture and meet compliance requirements from regulators.

Anywhere in India