Penetration Tester

Job Title: Penetration Tester – API & C# Security Specialist

We are seeking a skilled and detail-oriented Penetration Tester with expertise in testing C# applications and RESTful APIs for security vulnerabilities. The successful candidate will conduct security assessments, simulate real-world cyberattacks, and provide recommendations to secure our backend systems, APIs, and .NET-based applications.

🧰 Responsibilities:

Execute rapid and high-quality penetration tests on C# applications and RESTful APIs.

Perform black-box, grey-box, and white-box penetration testing of RESTful APIs and .NET (C#) applications.

Identify and exploit vulnerabilities in authentication mechanisms, input validation, authorization logic, etc.

Test for OWASP Top 10, API Security Top 10, and CWE vulnerabilities.

Collaborate with DevSecOps to provide remediation steps and secure coding practices.

Perform dynamic (DAST) and static (SAST) analysis using tools such as Burp Suite, OWASP ZAP, Checkmarx, and others.

Create detailed reports with technical findings and business risk impact, including recommendations.

Keep current with threat landscape, zero-day vulnerabilities, and emerging tools and techniques.

Utilize tools such as Burp Suite, OWASP ZAP, Checkmarx, Postman, Nmap, Github , and Metasploit.

‍