NexRoar Services Hiring! Full Time Penetration tester in Federal Territory - Ricebowl

Key Responsibilities VAPT Assistance: Conduct security assessments (VAPT) on web applications, APIs, and mobile platforms (iOS/Android) under senior guidance. Cloud & Container Support: Assist in the testing and auditing of Cloud environments (AWS, Azure, and GCP) and container configurations (Docker and Kubernetes). Secure Code Review: Support manual and automated secure code reviews to identify vulnerabilities in application source code early in the SDLC. Adversarial Support: Participate in adversarial simulation exercises, mimicking threat actor tactics to validate security controls. Reporting & Classification: Document and classify identified vulnerabilities using CVSS v4.0 and assist senior staff in providing actionable remediation advice. Regulatory Alignment: Ensure all security assessment execution adheres to BNM RMiT, NIST, and PCI-DSS 4.0 standards. Required Skills & Qualifications Experience: 1–3 years of professional experience in offensive security, penetration testing, or a strong academic background in cybersecurity. Technical Depth: Foundational knowledge of identifying vulnerabilities in web applications, APIs, and common network services. Familiarity with basic Cloud concepts (e.g., IAM, VPC) is a plus. Tooling: Proficiency with industry-standard tools such as Burp Suite and basic familiarity with common security scanners (e.g., MobSF, Postman).