1. Home
  2. Senior Software Engineer/Lead Analyst-Security Testing (Penetration testing, DAST, SAST)

Offers “CGI”

New
CGI

Senior Software Engineer/Lead Analyst-Security Testing (Penetration testing, DAST, SAST)

  • Chennai (Chennai)
Apply Now

Job description

Position Description:

Position Description
Company Profile:
Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com.

Position: Senior Software Engineer/Lead Analyst- Security Testing (Penetration testing, DAST, SAST)
Experience: 3 to 10 years
Category: Software Development/ Engineering
Location: Bangalore/Hyderabad/Chennai/Pune/Mumbai
Position ID: J0925-0356
Employment Type: Full Time

Education Qualification: Bachelor's degree in computer science or related field or higher with minimum 3 years of relevant experience.

We are looking for a highly skilled Penetration Tester to be part of our offensive security initiatives. This role requires strong expertise in manual security testing, proficiency with Burp Suite, and a solid understanding of industry security standards and frameworks. The ideal candidate will not only conduct advanced penetration testing but also lead, mentor, and guide a team of testers, define methodologies, and ensure alignment with compliance and risk management frameworks.

Your future duties and responsibilities:

• Lead and perform advanced manual penetration testing across web, mobile, APIs, cloud, and infrastructure environments.
• Utilize Burp Suite Pro and other industry-standard tools for vulnerability identification, exploitation, and reporting.
• Define and improve penetration testing methodologies, processes, and best practices.
• Manage and mentor junior testers, reviewing their findings and ensuring quality deliverables.
• Act as primary point of contact for security testing engagements with clients and internal stakeholders.
• Provide strategic recommendations on risk remediation and secure development practices.
• Align testing practices with security frameworks, including:
o OWASP ASVS v5
o OWASP Top 10 (2021)
o NIST 800-115
o ISO/IEC 27001/27002
o PCI DSS (where applicable)
• Participate in threat modeling exercises, red team/blue team activities, and adversary simulations.
• Prepare and present executive-level reports and conduct stakeholder briefings.
• Stay ahead of emerging threats, tools, and techniques, and introduce relevant innovations into the testing practice.

Required qualifications to be successful in this role:

Must to have skills-

Penetration testing, DAST Testing, SAST Testing, OWASP top 10

• Required Skills & Qualifications
• 3+Years years of experience in penetration testing.
• Advanced skills in manual testing, exploitation techniques, and vulnerability chaining.
• Proficiency in Burp Suite Pro (all modules) and other tools such as Metasploit, Nmap, Nessus, etc.
• Strong understanding of cloud security testing (AWS, Azure, GCP).
• Experience in secure SDLC, DevSecOps, and integrating security testing into CI/CD pipelines.
• Familiarity with scripting/programming (Python, PowerShell, Bash, JavaScript, etc.).
• Demonstrated ability to mentor, coach, and lead teams.
• Excellent client communication and presentation skills.

Preferred Qualifications
• Certifications such as OSCP, OSWE, OSEP, GXPN, GWAPT, GPEN, Burp Suite Certified Practitioner.
• Experience with red teaming / purple teaming.
• Knowledge of regulatory frameworks (NIS2, GDPR, HIPAA, MDR).
• Proven track record of handling large-scale or complex penetration testing projects.

Soft Skills
• Strong leadership and decision-making skills.
• Ability to balance technical depth with business risk considerations.
• Excellent communication skills (executive reporting + technical deep dives).
• Collaborative mindset with a focus on mentoring and developing talent.

Good to have Skills- Python

Skills:

·  Nessus

What you can expect from us:

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team—one of the largest IT and business consulting services firms in the world.

Make every future a success.
  • Job directory
  • Business directory
    •