Kotak Mahindra Bank
9h ago
Naukri

Penetration Tester

Hybrid - Bengaluru, Hyderabad
Full Time
Mid Level

Full Job Description

Kotak Mahindra Bank is seeking an experienced Penetration Tester to join its dynamic Platform Engineering team. This role is crucial for identifying and mitigating security vulnerabilities within our web applications and REST APIs, ensuring the robust security posture of our client systems. The ideal candidate will possess a deep understanding of penetration testing methodologies and tools, with a proven ability to analyze complex systems and provide actionable remediation recommendations.

Key Responsibilities:

  • Conduct comprehensive penetration tests on web applications and REST APIs using diverse tools and techniques.
  • Identify and report vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), authentication and authorization weaknesses, and session management issues.
  • Test REST API security, including input validation, error handling, authentication/authorization mechanisms, and data encryption.
  • Analyze findings and generate detailed reports with remediation recommendations and implementation timelines.
  • Collaborate closely with development teams to ensure timely resolution of identified vulnerabilities.
  • Maintain up-to-date knowledge of emerging security threats, tools, and techniques through continuous learning and professional development.

Requirements:

  • Minimum 3 years of experience in penetration testing, with a specific focus on web applications and REST APIs.
  • Strong grasp of web application security concepts, including OWASP Top 10, Web Application Security Risks (WASR), and Secure Coding Practices.
  • Proficiency with penetration testing tools such as Burp Suite, OWASP ZAP, Nmap, and sqlmap.
  • Solid understanding of REST API security principles, including API Security Frameworks (e.g., OAuth 2.0), data encryption protocols (e.g., HTTPS), and authentication mechanisms (e.g., JWT).
  • Experience with scripting languages like Python or Ruby is advantageous.
  • Excellent analytical, problem-solving, communication, and reporting skills.

Nice to Have:

  • CISSP or equivalent security certification.
  • CEH or equivalent penetration testing certification.
  • Experience with cloud platforms (AWS, Azure).
  • Familiarity with Agile development methodologies.
  • Experience with DevOps tools (Docker, Jenkins).

This is a hybrid role, based in Bengaluru or Hyderabad.

Company

Kotak Mahindra Bank

Kotak Mahindra Bank is a leading financial institution in India, offering a comprehensive range of banking and financial services. Committed to innovation and customer-centricity, the bank continuousl...

Posted on Naukri