Penetration Tester / Application Security Analyst

Position Description:

Company Profile:
Founded in 1976 CGI is among the largest independent IT and business consulting services firms in the world. With 94000 consultants and professionals across the globe CGI delivers an end-to-end portfolio of capabilities from strategic IT and business consulting to systems integration managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at .


Job Title: Penetration Tester
Position: Penetration Tester / Application Security Analyst
Experience: 3years
Category: Software Development/ Engineering
Shift: General Shift
Main location: Bangalore Chennai Hyderabad Mumbai
Position ID: J0925-0354

Employment Type: Full Time
Education Qualification: Any graduation or related field or higher with minimum 3 years of relevant experience.
Position Description:
We are seeking a skilled and detail-oriented Penetration Tester to join our cybersecurity team. This role involves performing manual security assessments across web mobile API and network environments identifying vulnerabilities and collaborating with cross-functional teams to enhance security posture. The ideal candidate will have hands-on experience with tools like Burp Suite a deep understanding of threat modeling and a passion for staying ahead of emerging threats.

Your future duties and responsibilities:

Conduct manual penetration testing on web mobile API and network systems.
Utilize tools such as Burp Suite for vulnerability discovery exploitation and documentation.
Identify validate and reproduce application and infrastructure vulnerabilities.
Perform threat modeling and risk assessments to uncover potential attack vectors.
Document findings with clear evidence risk ratings and actionable remediation guidance.
Collaborate with development DevSecOps and security teams to promote secure coding and design practices.
Stay current with OWASP Top 10 SANS CWE Top 25 and evolving threat landscapes.
Ensure testing aligns with industry standards and compliance frameworks including:
OWASP ASVS v5
NIST 800-115
ISO/IEC 27001 / 27002
PCI DSS (as applicable)

Required qualifications to be successful in this role:

3 years of experience in penetration testing and vulnerability assessment.
Strong command of manual testing techniques and exploitation strategies.
Proficiency in Burp Suite (Pro/Community) and its modules (Intruder Repeater etc.).
Scripting knowledge in Python Bash PowerShell or JavaScript.
Familiarity with secure coding practices and integrating security into SDLC/CI-CD pipelines.
Solid understanding of CVEs CVSS scoring and vulnerability databases.
Experience in delivering technical reports and communicating findings to diverse audiences.

Technical Skills:
Certifications such as OSCP CEH GWAPT GPEN or Burp Suite Certified Practitioner.
Experience with DAST/SAST tools and security automation.
Exposure to cloud security testing (AWS Azure GCP).
Understanding of regulatory frameworks like NIS2 GDPR HIPAA MDR (especially for healthcare domains).
Strong analytical and problem-solving abilities.
Excellent verbal and written communication.
Self-motivated with the ability to work independently and in team settings.
Meticulous attention to detail and commitment to quality.

Skills:

• Nessus

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our teamone of the largest IT and business consulting services firms in the world.