Job Opening details:-
Company Name :-

Position Name :-

Company Location :-
Hyderabad, Telangana


Full Job Description :-
About The Role

Sec-1 is a Claranet Group Company, established since 2001 and now providing professional standard Information Security Solutions to over 600 customers across Public and Private sectors. Sec-1 Ltd’s Continuous Security Testing (CST) team is composed of highly skilled penetration testers with a real passion for improving system security posture by demonstrating how they can be broken. Team members work on everything from customer projects to community work to gaining credit for published advisories. Our team needs to grow, we are producing amazing results that make a real difference, and if you can help make this difference you should come join us too.


The primary function of the Associate Penetration Tester in the CST team is to manually verify the findings of the automated scanners and assist the team to achieve the delivery goals. The Associate Penetration Tester will be properly mentored in order to support the Penetration Testers on pre-engagement activities including scoping, statements of work, working with customers to determine their testing requirements and restrictions, and on boarding customers into the service, as well as on manual testing.

Essential duties & responsibilities

The Continuous Security Testing service is a consultant led vulnerability identification and verification service which makes use of automated vulnerability scanning along with significant manual testing against a broad scope in a continuing engagement. The purpose of the service is to continually monitor a customer’s external attack surface for new vulnerabilities, changes in the scope of the attack surface, and proactively inform customers of discovered issues along with recommended remediation; with the overall aim of reducing the lifetime of each vulnerability. Manual testing includes identification of issues which automation alone could not identify, exploitation of all issues, often chaining multiple findings together in order to determine the true impact of vulnerabilities for the customer.

Manual identification and exploitation of vulnerabilities.
Manual verification and exploitation of scanner findings.
Detailed analysis of issues identified and exposure for the customer including proof of concept, reproduction steps, and recommended remediation.
Communication of findings to the customer in a detailed, accurate and manageable manner both orally and through written vulnerability/scope notifications and periodic summaries.
Continual professional development to maintain and develop knowledge and technical competencies.
Maintain professional technical qualifications to demonstrate competency to our clients.
Undertaking projects and support tasks as appropriate to the role.

During mentoring and experience progression, the Associate Penetration Tester will be tasked with:

Pre-engagement activities including scoping of assessments and statements of work and determining customer requirements and restrictions.
On boarding customers into the service including configuration of continual scanning and liaising with customer to resolve issues which may reduce the effectiveness of scanning.
Monitoring of the customers’ external perimeter for changes, and proactive discovery of new targets to include within the customer’s scope.
About You
Position specifications


Excellent written and spoken English including presentation, structure, spelling, and grammar. Along with experience conveying technical information in an accessible manner.
Core computing skills including but not limited to:
Networking fundamentals – understanding of OSI Model, TCP/IP, HTTP, DNS, SMB, SMTP and relevant tools.
Microsoft Windows and Office proficiency along with proficiency in one or more Linux distributions.
Good knowledge of web application technologies and security assessment including but not limited to:
REST APIs, XML and JSON formats.
Vulnerability identification and exploitation (not limited to OWASP Top 10).
Experience with common assessment tools such as MITM proxies (e.g. Burp Suite Pro and SQLMap).
Knowledge of a scripting language such as Python (preferred), Ruby, PowerShell, or Bash, for the development of new, or editing existing, tools.
Evidence of rapidly and confidently gaining and knowledge of emerging technologies, vulnerabilities, and penetration testing tools and techniques.
Excellent time management including setting priorities and goals to complete assigned and arising tasks.
General knowledge of internal and external infrastructure technologies and security assessment including but not limited to:
Identification and exploitation of misconfigurations or known vulnerabilities in common enterprise infrastructure and services (Windows Domains, Linux servers, virtualisation, databases, switches/routers, etc).
Windows and Linux Sandbox/Desktop Breakout.
Knowledge of Open Source Intelligence gathering techniques. Including but not limited to use of Google dorks, DNS, domain registration, certificate transparency, and other public sources of information.
Experience with live bug bounties, particularly where automation has been implemented.

Desirable Qualifications

A cyber security certification would be a plus.
A related Bachelor’s degree.
About Us
Founded in 1996, Claranet has evolved into a multi-disciplinary technology services provider with global reach. The company has annualised revenues of circa £400 million, over 6,500 customers, and more than 2,500 employees in nine countries. In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.

We’re working on building an ever-improving company based on openness, diversity, collaboration, and empathy as our core values, a company that aims to be inclusive for the diverse group of people we get to work with, and where everyone supports each other and celebrates successes together. We want our people to feel engaged, comfortable, and healthy—and to know that they can belong here, no matter their story or background. If this resonates with you, then come and join us.