Offer summary

Qualifications:

OSCP or CREST certification is required., 3-5 years of professional experience in penetration testing., Strong understanding of OWASP testing guidelines is essential., Familiarity with at least one programming language is necessary..

Key responsabilities:

Perform penetration tests on various applications and manage the entire process using a specialized platform.

Conduct vulnerability assessments and penetration tests for web apps, mobile apps, and cloud infrastructure.

Interact with clients to discuss remediation steps and maintain the vulnerability management system.

Contribute to the development of intelligence for the DAST scanner.

Astra Security is a privately held U.S. & India based cyber security company. Backed by Techstars, Astra offers a Pentest Platform that helps organizations become proactively secure. The Pentest Platform uncovers more than 30,000+ vulnerabilities for its customers every month, saving its customers millions of dollars in potential loss and thousands of developer hours. The company has earned several accolades including ‘The Most Innovative Security Company’ by Prime Minister Narendra Modi at the Global Conference on Cyber Security (2017), one of the top 50 emerging cybersecurity companies at ‘Emerge 50’ by NASSCOM, the French Tech Ticket under which Astra Security got rewarded by the President of France under the La French Tech program. In 2021, Astra Security was also named as a CyberTech100 company. Astra is a trusted security partner to some of the well-known brands like Muthoot Finance, NIIT, Goldcast, ITC & more. Our flagship product, ASTRA, brings together an extensive feature set of manual/automated penetration testing tools, while performing a comprehensive vulnerability assessment and proactively responds to threats.

Job description

This is a remote position.

At Astra you will be:

Performing hacker style pentests on our customer’s applications and managing the entire pentest using our one of a kind Pentest platform

Carrying out VA/PT for web apps, mobile apps, Cloud infrastructure, SaaS apps, network devices, open-source projects etc.

Contributing towards building intelligence for our DAST scanner.

Interacting with clients over remediation calls.

Facilitating clients to map out the steps for fixing vulnerabilities.

Maintaining our vulnerability management system.

Requirements

OSCP or CREST certified

Strong understanding of OWASPs testing guidelines

3-5 years of professional experience in doing pentests on multiple assets including web apps, cloud infrastructure etc.

Comfortable in Black Box, WhiteBox testing with capability of finding business logic vulnerabilities

Experience directly interfacing with customers over calls & emails

Able to understand code in any one programming language

Good to have:

A few published CVE’s

A bug bounty/CTF experience

Benefits

Embrace the cosy remote work lifestyle.
Health Insurance cover for you and your spouse.
Feel the startup adrenaline pumping through your veins.Revel in our open, growth-centric ambiance; it's like a digital playground.
Dive deep into the captivating world of cybersecurity.
And yes, get ready for some unforgettable workcations—think Chikmagalur & Jim Corbett.