CGI - Lead Analyst - Security Testing (3-10 yrs)

CGI Inc
Posted on
CGI Inc logo

Experience
3 - 10 yrs
Salary (CTC)
1,950,000 - 2,160,000
Job Location
Mumbai, India
Vacancy
1
Designation
Lead Analyst
Job Type
ONSITE

Job Description

Sr. Test Engineer / Lead Analyst Security Testing

Experience : 3-10 Years

Category : Software Development/ Engineering

Main location : Bangalore / Hyderabad / Chennai / Mumbai / Pune

Employment Type : Full Time

Education Qualification : Bachelor's degree in computer science or related field or higher with minimum 3 years of relevant experience.

We are looking for a highly skilled Penetration Tester to be part of our offensive security initiatives. This role requires strong expertise in manual security testing, proficiency with Burp Suite, and a solid understanding of industry security standards and frameworks. The ideal candidate will not only conduct advanced penetration testing but also lead, mentor, and guide a team of testers, define methodologies, and ensure alignment with compliance and risk management frameworks.

Your future duties and responsibilities :

- Lead and perform advanced manual penetration testing across web, mobile, APIs, cloud, and infrastructure environments.

- Utilize Burp Suite Pro and other industry-standard tools for vulnerability identification, exploitation, and reporting.

- Define and improve penetration testing methodologies, processes, and best practices.

- Manage and mentor junior testers, reviewing their findings and ensuring quality deliverables.

- Act as primary point of contact for security testing engagements with clients and internal stakeholders.

- Provide strategic recommendations on risk remediation and secure development practices.

- Align testing practices with security frameworks, including :

1. OWASP ASVS v5

2. OWASP Top 10 (2021)

3. NIST 800-115

4. ISO/IEC 27001/27002

5. PCI DSS (where applicable)

- Participate in threat modeling exercises, red team/blue team activities, and adversary simulations.

- Prepare and present executive-level reports and conduct stakeholder briefings.

- Stay ahead of emerging threats, tools, and techniques, and introduce relevant innovations into the testing practice.

Required qualifications to be successful in this role :

- Must to have skills-Penetration testing, DAST Testing, SAST Testing, OWASP top 10

- 3+Years years of experience in penetration testing.

- Advanced skills in manual testing, exploitation techniques, and vulnerability chaining.

- Proficiency in Burp Suite Pro (all modules) and other tools such as Metasploit, Nmap, Nessus, etc.

- Strong understanding of cloud security testing (AWS, Azure, GCP).

- Experience in secure SDLC, DevSecOps, and integrating security testing into CI/CD pipelines.

- Familiarity with scripting/programming (Python, PowerShell, Bash, JavaScript, etc.).

- Demonstrated ability to mentor, coach, and lead teams.

- Excellent client communication and presentation skills.

No Referrers Available

There are currently no referrers available for this job. You can still apply, will let you know once there is any referrer available.