What is the salary for this Security Testing Engineer position?

Salary information for this Security Testing Engineer position is available upon application.

What experience is required for this Security Testing Engineer role?

This Security Testing Engineer position requires senior_level of experience.

Where is this Security Testing Engineer job located?

This Security Testing Engineer position is located in Hybrid - Bengaluru, Hyderabad, Chennai.

How do I apply for this Security Testing Engineer position at CGI Group?

You can apply for this Security Testing Engineer position by clicking the 'Apply Now' button on this page, which will direct you to the official application portal.

CGI Group•45d ago

Naukri

Security Testing Engineer

Hybrid - Bengaluru, Hyderabad, Chennai

Full Time

Senior Level

Auto Apply to 50+ AI Matched Security Testing Engineer Jobs

Use Auto Apply Agents to Bulk Apply jobs with ATS Optimised Resumes, find verified Insider Connections for jobs at CGI Group

Full Job Description

Lead Analyst - Security Testing

Company: CGI

Location: Hybrid - Bengaluru, Hyderabad, Chennai, Pune, Mumbai

Employment Type: Full Time

Shift Timing: General Shift

About the Role

CGI is seeking a highly skilled Penetration Tester to join our offensive security initiatives. This pivotal role requires deep expertise in manual security testing, exceptional proficiency with Burp Suite, and a comprehensive understanding of industry security standards and frameworks. You will be instrumental in identifying and mitigating security vulnerabilities across various environments.

Your Future Duties and Responsibilities

Lead and execute advanced manual penetration tests across web applications, mobile platforms, APIs, cloud infrastructure, and traditional IT environments.
Leverage Burp Suite Professional and other leading industry tools for comprehensive vulnerability identification, exploitation, and detailed reporting.
Develop and refine penetration testing methodologies, processes, and best practices to enhance efficiency and effectiveness.
Mentor and manage junior testers, meticulously reviewing their findings to ensure high-quality deliverables.
Serve as the primary liaison for security testing engagements, communicating effectively with clients and internal stakeholders.
Provide strategic recommendations for risk remediation and the implementation of secure development practices.
Ensure testing practices are aligned with critical security frameworks, including:
- OWASP ASVS v5
- OWASP Top 10 (2021)
- NIST 800-115
- ISO/IEC 27001/27002
- PCI DSS (as applicable)
Actively participate in threat modeling exercises, red team/blue team activities, and sophisticated adversary simulations.
Prepare and deliver executive-level reports and conduct informative stakeholder briefings.
Proactively stay abreast of emerging threats, tools, and techniques, integrating relevant innovations into the testing practice.

Must-Have Skills

Extensive experience in Penetration Testing, Dynamic Application Security Testing (DAST), and Static Application Security Testing (SAST).
Proficiency with the OWASP Top 10 vulnerabilities.
A minimum of 3 years of dedicated experience in penetration testing.
Advanced capabilities in manual testing, exploitation techniques, and vulnerability chaining.
Expert-level proficiency with Burp Suite Pro (all modules) and other essential security tools such as Metasploit, Nmap, and Nessus.
Strong understanding and practical experience in cloud security testing (AWS, Azure, GCP).
Experience with Secure Software Development Lifecycle (SDLC), DevSecOps, and integrating security testing into CI/CD pipelines.
Familiarity with scripting and programming languages (e.g., Python, PowerShell, Bash, JavaScript).
Proven ability to mentor, coach, and lead security testing teams.
Excellent client communication and presentation skills.