TECHNICAL LEAD - Penetration TestingHappiest Minds Technologiesfull-timeRequired skillsAWSAndroidAPIAzurebankingcode reviewcommunication skillsDevOpsGCPGraphQLiOSmicroservicesnetwork securitySOAPSource CodeSDLCAbout the role Happiest Minds Technologies Website: happiestminds.com Job details: Key ResponsibilitiesSecurity AssessmentsPerform Web Application Security Testing based on OWASP Top 10, SANS, and industry standards.Conduct Mobile Application Security Testing (Android/iOS).Evaluate API Security for REST, SOAP, GraphQL, and microservices.Secure Code ReviewConduct manual and automated source code reviews across multiple languages and frameworks.Provide detailed remediation guidance to development teams.Cloud SecurityPerform intermediate cloud security reviews (AWS/Azure/GCP).Identify misconfigurations and assess cloud-native security risks.Network SecurityConduct basic network security assessments and configuration reviews.Risk Assessment & GovernanceApply strong understanding of banking domain risks, regulatory expectations, and security controls.Map technical findings to business impact, ensuring accurate risk interpretation.Perform risk assessment and vulnerability risk rating using industry-standard frameworks (CVSS, OWASP risk rating, custom client risk models, etc.).Support secure design discussions and provide guidance during architecture reviews.Reporting & CollaborationPrepare clear and comprehensive reports with risk ratings and remediation steps.Collaborate with developers, DevOps, infrastructure, and architecture teams to close vulnerabilities.Support integration of security controls into SDLC/DevSecOps pipelines.Required Skills & ExpertiseStrong hands-on experience in Web, Mobile, and API Security Testing.Proficiency in manual and automated source code reviews.Intermediate level understanding of cloud security (AWS, Azure, GCP).Basic understanding of network security.Strong knowledge of banking processes, application workflows, and business risks.Ability to translate technical vulnerabilities into business impact.Familiarity with risk assessment frameworks and vulnerability rating mechanisms.Proficiency with security tools such as Burp Suite, MobSF, Postman, Checkmarx, Fortify, SonarQube, OWASP ZAP, etc.Excellent analytical, documentation, and communication skills.Ability to operate independently as an Individual Contributor in a fast-paced environment.Preferred QualificationsCertifications such as OSCP, OSWE, OSEP, CEH, eWPTX, eMAPT, CISA, CCSK, AWS/Azure Security, or relevant security credentials.Exposure to DevSecOps pipelines, CI/CD, container security.Static/dynamic testing of mobile applications Click on Apply to know more. This page is fully interactive when JavaScript is enabled. Please enable JavaScript to apply or browse related roles.