If you need support in completing the application or if you require a different format of this document,please get in touch with at with the subject line: "Application Support Request". Job Type: PermanentLocation: Letterkenny, Co. Donegal (Onsite - with flexibility on hybrid model once training has been completed).Join a global tech leader right here in Donegal. With over 850 employees and a state-of-the-art global delivery centre, we're proud to offer world-class career opportunities without having to leave the Northwest. Recognised as Workplace of the Year by the Letterkenny Chamber, we foster a culture of continuous learning, innovation, and respect. Our people are at the heart of everything we do – collaborating across teams, geographies, and disciplines to drive real change for clients around the world. Be part of something global, grounded in Donegal. Careers at TCS: It means moreTCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands in the UK and worldwide. For you, it means more to make an impact that matters, through challenging projects which demand ambitious innovation and thought leadership. The RoleJoin the customer's Attack Surface Management team as an experienced Application Penetration Tester. Our client, a major U.S.-based financial services group, is expanding its security capabilities and seeks a professional who can not only identify vulnerabilities but also guide development teams through effective remediation. Your responsibilities:Perform in-depth manual Application Penetration Testing of web, mobile applications and APIs (REST/SOAP).Conduct scoping conversations with the client to thoroughly understand the application, its functionality, and specific scope requirements to ensure accurate and effective penetration testing.Prepare comprehensive reports detailing vulnerabilities, risks, and remediation recommendations, and effectively present these findings to the client to ensure clear understanding and actionable outcomes.Retest identified vulnerabilities after remediation to verify the effectiveness of implemented fixes, ensuring all issues are fully resolved and meet security standards.Build and maintain trust with the client by providing consistent communication, expert guidance on remediation strategies, and ongoing support throughout the entire penetration testing process.Actively share innovative ideas and collaborate with team members to enhance penetration testing methodologies, improve processes, and drive continuous improvement in security practices.Research latest and emerging security threatsYour ProfileEssential skills/knowledge/experience:A few years industry experience in Application Penetration Testing such as web, mobile & API.Strong understanding of the OWASP WSTG, with the ability to effectively test web application vulnerabilities using its methodologies, ensuring comprehensive identification and mitigation of security risksProficient in using the CVSS (Common Vulnerability Scoring System) calculator to accurately assess and prioritize risks based on severity and potential impact.Demonstrated expertise in communicating clear, actionable remediation advice to address identified issues effectively and support informed decision-making for the client.Familiar working with multiple technologies such as Burp Suite professional, Jira & ServiceNow, DAST Scanners.Ability to deliver several key pieces of work at pace, whilst maintaining high standardsExcellent communication and interpersonal skills, with the ability to clearly articulate vulnerabilities, risks, and remediation strategies to diverse stakeholders, including both technical and non-technical audiencesProven ability to write clear, structured, and evidence-based reports to effectively communicate findings and recommendations to the client.Experienced in managing and coordinating tasks across multiple programs.Desirable skills/knowledge/experience:Have experience in manual Application Penetration Testing of IOS & Android applications.Completed industry certifications such as Burp Suite Certified Practitioner (BSCP), HTB Certified Penetration Testing Specialist (HTB CPTS), Offensive Security Certified Professional (OSCP)Experience in AI penetration testing, including security assessments of AI-driven applications such as chatbots, following best practices outlined in the OWASP AI Testing Guide.Network/Infrastructure based penetration testingDevelopment experienceExperience working within the financial service industryJapanese, Spanish or Portuguese language skills an advantageRewards & BenefitsTCS is consistently voted a Top Employer in the UK and globally. Our competitive salary packages feature pension, health care, life assurance, laptop and access to extensive training resources and discounts within the larger Tata network.We offer health & wellness initiatives and sports events; we are the proud sponsor of the London Marathon and partner with our local communities in Ireland. Diversity, Inclusion and WellbeingTata Consultancy Services UK&I is committed to meeting the accessibility needs of all individuals in accordance with the Ireland Employment Equality Acts as amended) and the Equal Status Acts as amended).We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role.As a Disability Confident Employer, we offer an interview to applicants with disabilities or long-term conditions who meet the minimum criteria for the role. Please email us at if you would like to opt in. If you are an applicant who needs any adjustments to the application process or interview, please contact us at with the subject line: "Adjustment Request" or email to request an adjustment. We welcome requests prior to you completing the application and at any stage of the recruitment process.Beware of Fraudulent offersThis is to notify you that TCS does not ask for any sort of payment or security deposit from candidates at any stage of the recruitment process. The firm never sends out job offers from free internet email services like Gmail, Yahoo Mail, and so on. TCS has not authorised any third-party company to collect money on their behalf. As a vigilant job seeker, beware of fraudulent recruitment activity and protect your interests You can write to to report any fraudulent activity.Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Join us and do more of what matters. Apply online now.