Introducing BugDazz - The modern pentest solution

Say hello to BugDazz, our in-house pentest platform, built specifically to give you complete transparency into your pentest's progress

Request a Demo

Overview

Application Pentest

Enhance the security of your applications and elevate your DevSecOps practice.

Enterprise Pentest

Protect your organization from cyber threats with our comprehensive enterprise security solutions

Red Team Assessment

Obtain a comprehensive perspective on your organization's defense capabilities against real-world attacks.

Cloud Pentest

Evaluate and Enhance Cloud Security Posture with Expert Testing and Analysis

Network Pentest

Uncover potential network vulnerabilities and protect your sensitive systems and data

Source Code Audit

Ensure the integrity and security of your codebase with our source code audits.

IoT Pentest

Secure interconnected devices and products by validating their resilience against potential attackers.

AI Security Assessment

We identify critical vulnerabilities in production LLMs and AI systems that expose novel attack paths.

Guideline to choose a Pen test service partner

Choosing A Pentest Partner

Looking for a pentest partner? Learn everything you need to know before selecting your vendor in our comprehensive data sheet.

PatientPing - A Success Story

PatientPing got 10x better results from their pentest on working with SecureLayer7. Learn more in our video.

What Is BugDazz?

Learn more about our in-house pentest platform in our concise datasheet.

SecureLayer7 is hiring Cybersecurity Expert

Who Are We?

At SecureLayer7, we aim at solving challenging cybersecurity problems and hurdles faced by organizations. We bring bright minds together to provide a smooth experience in cybersecurity and achieve our vision by making organizations secure from cyber-attacks. Our skilled Pentesters and security engineers work on the project from a cryptocurrency exchange to IoT devices. SecureLayer7 is the parent to cybersecurity products namely Sensfrx and BugDazz.

About Job

We are seeking a highly skilled Cybersecurity Expert with over 5 years of hands-on experience in offensive security assessments. The ideal candidate will hold elite certifications such as OSCP, CREST, and have published CVE(s). You should possess deep technical knowledge and practical expertise across Web, Mobile, Source Code (SAST), and Thick Client application testing.

Responsibilities

Lead and manage end-to-end security assessments for web, mobile (iOS/Android), API, and thick client applications.
Conduct manual and automated VAPT using industry-standard tools and methodologies.
Drive secure development lifecycle (SDLC) practices, including threat modelling, secure code review, and remediation planning.
Design and review secure architectures for enterprise applications and network systems.
Perform configuration reviews for firewalls, routers, and operating systems (Linux/Windows)
Manage and deliver internal and external application security audits (PCI DSS, HIPAA, ISO 27001).
Collaborate with cross-functional teams (development, QA, DevOps) to embed security best practices.
Lead red team exercises and simulate attack scenarios to identify exploitable gaps.
Own client engagement, project planning, delivery, and post-assessment remediation support.
Mentor junior security analysts and contribute to internal knowledge-sharing initiatives.

Requirements

5 + years of experience in cybersecurity with a strong focus on application security.
Proven expertise in:
- Vulnerability Assessment & Penetration Testing (VAPT)
- Source Code Review
- Red Team Exercises
- Threat Modelling
- Secure Architecture Reviews
Proficiency in using tools like Burp Suite, OWASP ZAP, Nmap, Metasploit, Nessus, etc.
Sound knowledge of secure coding practices across various programming languages.
Experience managing client projects across BFSI, telecom, and government sectors.
Strong communication and reporting skills for both technical and business stakeholders.

Good to have

Experience delivering client security awareness sessions.
Recognized for security contributions (e.g., “Finding of the Month” awards).
Experience in training programs or public speaking at conferences (e.g., OWASP, NSConclave).

Apply