Job Type: Permanent
Location: Letterkenny, Co. Donegal (Onsite – with flexibility on hybrid model once training has been completed).
The Role
Join the customer’s Attack Surface Management team as an experienced Application Penetration Tester for a major U.S.-based financial services group.
Responsibilities
Perform in-depth manual Application Penetration Testing of web, mobile applications, and APIs (REST/SOAP).
Conduct scoping conversations with the client to thoroughly understand application functionality and scope requirements to ensure accurate and effective penetration testing.
Prepare comprehensive reports detailing vulnerabilities, risks, and remediation recommendations, and present findings to the client.
Retest identified vulnerabilities after remediation to verify effectiveness of implemented fixes and ensure all issues are fully resolved.
Build and maintain trust with the client by providing consistent communication, expert guidance on remediation strategies, and ongoing support throughout the testing process.
Share innovative ideas and collaborate with team members to enhance testing methodologies, improve processes, and drive continuous improvement in security practices.
Research the latest and emerging security threats.
Essential & Standard Experience
A few years of industry experience in Application Penetration Testing of web, mobile, and APIs.
Strong understanding of the OWASP WSTG and ability to test web applications using its methodologies.
Proficiency in using the CVSS calculator to assess and prioritise risks based on severity and impact.
Demonstrated expertise in providing clear, actionable remediation advice.
Experience with technologies such as Burp Suite Professional, Jira, ServiceNow, and DAST scanners.
Ability to deliver multiple high‑quality deliverables on schedule while maintaining high standards.
Excellent communication and interpersonal skills for articulating vulnerabilities, risks, and remediation strategies to technical and non‑technical stakeholders.
Proven ability to write clear, structured, evidence‑based reports.
Experience in managing and coordinating tasks across multiple programmes.
Desirable Skills
Experience in manual Application Penetration Testing of iOS and Android applications.
Completed certifications such as Burp Suite Certified Practitioner, HTB Penetration Testing Specialist, or Offensive Security Certified Professional.
Experience in AI penetration testing, including assessment of AI‑driven applications such as chatbots.
Network/infrastructure‑based penetration testing.
Development experience.
Experience in the financial services industry.
Knowledge of Japanese, Spanish, or Portuguese languages is an advantage.
Rewards & Benefits
TCS offers competitive salary packages featuring pension, health care, life assurance, laptop equipment, and access to extensive training resources and discounts within the Tata network.
Diversity, Inclusion and Wellbeing
We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, and sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role.