Senior Software Engineer/Lead Analyst-Security Testing (Penetration testing, DAST, SAST)

Position Description:

Position Description
Company Profile:
Founded in 1976 CGI is among the largest independent IT and business consulting services firms in the world. With 94000 consultants and professionals across the globe CGI delivers an end-to-end portfolio of capabilities from strategic IT and business consulting to systems integration managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at .

Position: Senior Software Engineer/Lead Analyst- Security Testing (Penetration testing DAST SAST)
Experience: 3 to 10 years
Category: Software Development/ Engineering
Location: Bangalore/Hyderabad/Chennai/Pune/Mumbai
Position ID: J0925-0356
Employment Type: Full Time

Education Qualification: Bachelors degree in computer science or related field or higher with minimum 3 years of relevant experience.


We are looking for a highly skilled Penetration Tester to be part of our offensive security initiatives. This role requires strong expertise in manual security testing proficiency with Burp Suite and a solid understanding of industry security standards and frameworks. The ideal candidate will not only conduct advanced penetration testing but also lead mentor and guide a team of testers define methodologies and ensure alignment with compliance and risk management frameworks.

Your future duties and responsibilities:

Lead and perform advanced manual penetration testing across web mobile APIs cloud and infrastructure environments.
Utilize Burp Suite Pro and other industry-standard tools for vulnerability identification exploitation and reporting.
Define and improve penetration testing methodologies processes and best practices.
Manage and mentor junior testers reviewing their findings and ensuring quality deliverables.
Act as primary point of contact for security testing engagements with clients and internal stakeholders.
Provide strategic recommendations on risk remediation and secure development practices.
Align testing practices with security frameworks including:
oOWASP ASVS v5
oOWASP Top 10 (2021)
oNIST 800-115
oISO/IEC 27001/27002
oPCI DSS (where applicable)
Participate in threat modeling exercises red team/blue team activities and adversary simulations.
Prepare and present executive-level reports and conduct stakeholder briefings.
Stay ahead of emerging threats tools and techniques and introduce relevant innovations into the testing practice.

Required qualifications to be successful in this role:

Must to have skills-

Penetration testing DAST Testing SAST Testing OWASP top 10

Required Skills & Qualifications
3Years years of experience in penetration testing.
Advanced skills in manual testing exploitation techniques and vulnerability chaining.
Proficiency in Burp Suite Pro (all modules) and other tools such as Metasploit Nmap Nessus etc.
Strong understanding of cloud security testing (AWS Azure GCP).
Experience in secure SDLC DevSecOps and integrating security testing into CI/CD pipelines.
Familiarity with scripting/programming (Python PowerShell Bash JavaScript etc.).
Demonstrated ability to mentor coach and lead teams.
Excellent client communication and presentation skills.

Preferred Qualifications
Certifications such as OSCP OSWE OSEP GXPN GWAPT GPEN Burp Suite Certified Practitioner.
Experience with red teaming / purple teaming.
Knowledge of regulatory frameworks (NIS2 GDPR HIPAA MDR).
Proven track record of handling large-scale or complex penetration testing projects.

Soft Skills
Strong leadership and decision-making skills.
Ability to balance technical depth with business risk considerations.
Excellent communication skills (executive reporting technical deep dives).
Collaborative mindset with a focus on mentoring and developing talent.


Good to have Skills- Python

Skills:

• Nessus

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our teamone of the largest IT and business consulting services firms in the world.