28199-IT Security, penetration testing L2
Indexed description
Company Profile:
At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 72,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve. At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 72,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at www.cgi.com.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans. We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted. No unsolicited agency referrals please.
Job Title: IT Security, penetration testing L2
Category: Penetration Testing
Location: Bangalore
Employment Type: Full Time
Position ID: J0626-0802
Experience Required: 2-5 Years
Education Level: Bachelor's Degree or equivalent with at least 3-5 years of experience.
Job Summary:
We are looking for a highly motivated IT Security Analyst, Penetration Tester L2 with hands-on experience in Mobile, Web, and API Security Assessments. The candidate will be responsible for performing vulnerability assessments and penetration testing of enterprise applications, identifying security weaknesses, and collaborating with development teams to enhance application security posture.
Key Responsibilities:
Direct Responsibilities
- To perform Penetration testing (Gray Box and/or Black Box) for Web applications, Mobile, API, and thick client applications.
- Hands-on mobile penetration tester with strong knowledge and experience in Android and iOS application security testing (both static and dynamic), responsible for discovering, validating and reporting security issues in mobile applications.
- Perform Static analysis (SAST) and Dynamic analysis (DAST) on Android APKs and iOS IPA to identify insecure storage, hardcoded secrets, insecure configurations, runtime hooking, parameter tampering etc
- Conduct reverse engineering and protection bypass on mobile applications including decompiling /inspecting binaries, analyzing native libraries (.so/.dylib) and bypassing client-side protections (root / jailbreak detection, SSL pinning, obfuscation, tamper checks etc.) using tools like Frida, objection magisk, cydia/selio/zebra and Xposed.
- Strong research knowledge and should be updated with evolving mobile threats and industry standard (OWASP MASVS/MASTG)
- To understand the application's security requirements and identify & document the scope of the test.
- Ensure execution of the documented security scenarios for the application under test.
- Document and report all findings.
- Collaborate with the developers to help them understand the vulnerabilities reported in application.
- Escalate issues to the local management and onshore stakeholders in case it affects the testing progress.
- Ensure processes for the project is followed for the assessments.
- Mobile, Web & API Penetration Testing
- Optional, experience in Source Code Assessment (SCA)/SAST.
Technical & Behavioural Competencies
- Clear understanding of OWASP Top 10 - application security risks
- Tools/OS: Burp Suite, OWASP ZAP, Kali Linux, mobsf, jadx, dex2jar, adb, xcode, Frida, objection, apktool, putil, otool.
- Manual Security Testing & Analysis, Security Test Designing
- Excellent Interpersonal and presentation skills
- Strong in verbal and written communication
- Good analytical skills
- Strong Time Management
- Must be flexible, independent, self-motivated.
- Team player
CSSLP/CEH or equivalent certification preferred
Skills Referential (Required Knowledge, Skills And Abilities)
Behavioural Skills:
- Ability to collaborate / Teamwork
- Attention to detail / rigor
- Adaptability
- Communication skills - oral & written
Required Qualifications To Be Successful In This Role
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
That same commitment to fairness extends to how we use technology. To support our recruitment team, AI tools may be used to help assess applications though they never replace human judgement. All hiring decisions remain entirely in the hands of our recruitment professionals.
Come join our team—one of the largest IT and business consulting services firms in the world.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search