Job Title

About the Role (Onsite - Gurugram)We are looking for a Security Consultant who wants to grow into a real offensive security professional. This role is for someone who is curious, hands-on, and serious about learning how real-world attacks work.What You’ll Do• Performing VAPT on web, API, mobile, cloud, and infrastructure environments• Support in identifying, validating, and reproducing vulnerabilities• Learn to chain findings into practical attack paths• Write clear and technically accurate vulnerability reports• Reproduce proof-of-concept exploits under guidance• Participate in internal labs, red team simulations, and security research• Help maintain internal testing checklists, scripts, and documentation• Represent the security team in client conversations, defending findings and translating technical risk into business impactWhat We’re Looking For• 3+ years of full-time experience in VAPT, security testing, or related role• Strong understanding of OWASP Top 10 and common web vulnerabilities• Hands-on exposure to tools like Burp Suite, Nmap, or similar• Basic understanding of HTTP, authentication flows, sessions, and APIs• Ability to read basic application code and understand logic flow• Strong curiosity and willingness to test beyond automated tool output• Clear communication skills for writing vulnerability reportsGood to Have• Experience participating in CTFs or bug bounty programs• Basic scripting skills in Python, Bash, or similar• Understanding of cloud security fundamentals• Security certifications like OSCP etcThis Role Is Not For• Candidates willing to work remote/hybrid.• Those looking for a compliance-only or documentation-heavy role• Individuals unwilling to experiment, research, and learn continuously• Candidates who rely only on automated scannersWhat You’ll Gain• Direct exposure to real-world startup environments• Hands-on training in manual testing and exploitation• Opportunity to grow into a senior offensive security role