top of page

Black Box PenTester ( Web and API) - Security Lit

Mumbai, Maharashtra, India

Job Type

Full Time



  • Conduct black-box penetration testing of web applications and APIs to identify vulnerabilities, security weaknesses, and potential entry points.

  • Perform manual and automated penetration testing techniques to simulate real-world attack scenarios and uncover system vulnerabilities.

  • Execute various testing methodologies, including but not limited to vulnerability scanning, penetration testing, and security assessment.

  • Collaborate with development and infrastructure teams to understand the application architecture and identify potential security risks.

  • Create detailed reports documenting the identified vulnerabilities, their potential impact, and recommended remediation strategies.

  • Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices to continually enhance penetration testing techniques.

  • Participate in team meetings, discussions, and knowledge-sharing sessions to contribute to the overall growth and success of the company.


  • Minimum of 2+ years of experience in penetration testing, specifically in web application and API security.

  • Strong understanding of web technologies, protocols, and frameworks (e.g., HTTP, HTML, CSS, JavaScript).

  • Proficient in using penetration testing tools and frameworks, such as Burp Suite, OWASP ZAP, or similar.

  • In-depth knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and their exploitation techniques.

  • Familiarity with API security testing, including authentication, authorization, and API endpoint vulnerabilities.

  • Ability to analyze and interpret security scan results, identify false positives, and prioritize critical vulnerabilities.

  • Excellent written and verbal communication skills to effectively communicate findings and recommendations to technical and non-technical stakeholders.

  • Relevant certifications such as OSCP, OSCE, CEH, or similar will be considered a plus.

  • Self-motivated, detail-oriented, and able to work independently as well as in a team environment.

About the Company

Security Lit Ltd, a New Zealand-headquartered cybersecurity company recently established as a Private Limited Company in India, is seeking a skilled and motivated Black-Box Penetration Tester to join our team in Mumbai. As a Black-Box Penetration Tester, you will be responsible for assessing the security posture of web applications and APIs through comprehensive penetration testing.

bottom of page