Skip to main content
Application Security

Associate Cybersecurity Consultant

Run hands-on application, network, and cloud security testing with structured senior review and direct customer interaction from day one.

📍 Mumbai / Remote 🗓 Full-time 📊 Junior
application securitypenetration testingOWASP Top 10burp suitemanual testingreportingAPI securitycloud security

Ready to apply?

Send us your CV and a short note on why this role excites you.

Apply Now →

Usually responds within 2 business days

About the Role

Security Brigade is hiring an Associate Cybersecurity Consultant to join our offensive security practice. You will run hands-on security assessments — web and mobile application testing, network vulnerability and penetration testing, source code review, configuration review, cloud security, and API security — and you will be reviewed end-to-end through our L1/L2/L3 senior chain so you grow under structured mentorship. You will work directly with customers across BFSI, fintech, healthcare, government, and tech-sector enterprises. This is a strong fit for engineers one to three years out of college who want a real path into deep offensive security.

What You'll Do

  • Run web and mobile application security testing, vulnerability assessments, source code reviews, configuration reviews, cloud security, and API security testing
  • Profile applications, model threats, and design test cases to target identified threats — across modern stacks
  • Identify and exploit vulnerabilities in applications and networks; document with reproducible proof-of-concept
  • Manage engagement timelines and customer interactions across delivery
  • Produce reports against internal templates with clear remediation guidance
  • Run customer-facing remediation conversations with engineering teams
  • Research emerging security topics and new attack techniques — and write tools / scripts to operationalise them
  • Contribute to internal knowledge-sharing and Lemon platform improvements

What We're Looking For

  • 1–3 years of hands-on security testing experience (internships and serious lab work count)
  • Real working understanding of common security issues, exploitation techniques, and remediation — beyond memorised OWASP Top 10
  • Disciplined manual testing approach — automated scanners are a start, not a finish
  • Working development knowledge of at least one modern programming language
  • Strong understanding of application and network security fundamentals
  • Strong written and spoken English for client-quality reports and direct customer interaction
  • Familiarity with frameworks like React / Django and the threat models that come with them
  • Working knowledge of the standard offensive toolchain (Burp Proxy, Acunetix, sqlmap, Nmap, Nessus, Metasploit)

What We Offer

  • Competitive salary aligned to experience
  • Hybrid + remote-friendly
  • Sponsorship for offensive security certifications (OSCP, eWPTX, CRTO, BSCP)
  • Internal lab environment + dedicated research time
  • Mentorship from L2 / L3 senior researchers on every engagement
  • Active community involvement (OWASP, Null, Nullcon) supported and encouraged

Quick Facts

Team Application Security
Location Mumbai / Remote
Type Full-time
Level Junior
Posted 1 May 2026
Apply for This Role →
← Back to all open positions