Penetration Tester II

Location: Bangalore, KA, IN

Penetration Tester II

Are you passionate about uncovering security vulnerabilities before malicious actors can exploit them? Join our Security Team at Swiss Re as a Penetration Tester where you'll use your technical expertise and analytical mindset to strengthen our digital defenses and protect our global infrastructure. This is your opportunity to make a meaningful impact on cybersecurity in a world-leading reinsurance company.

About the Role

As a Penetration Tester at Swiss Re, you'll be at the forefront of our security efforts, conducting thorough assessments of our applications and infrastructure to identify vulnerabilities before they can be exploited. You'll collaborate with teams across the organization to strengthen our security posture and build resilience against emerging threats.

Key Responsibilities

• Lead security assessments of web applications and infrastructure, delivering comprehensive penetration testing reports

• Coordinate remediation efforts with development teams and track the resolution of identified vulnerabilities

• Develop and improve penetration testing processes, methodologies, and long-term strategy

• Create educational materials and conduct lessons learned sessions for IT developers and relevant partners

• Manage relationships with internal stakeholders and external security vendors providing penetration testing services

• Collaborate closely with global teams including IT application owners, information security specialists, and chief information security officers

• Drive innovation in security testing approaches and methodologies to address emerging threats

About the Team

The Security Team is the focal point for all security activities across Swiss Re. We are responsible for engineering and operations, corporate security, governance, operational resilience, risk and compliance. We define and advance the company's security strategy.

As a part of the Security Team, the Penetration Testing sub-team (running under Continuous Service Assurance) ensures recurring testing of critical applications, providing the internal teams with pentest scheduling and remediation. We're looking for an experienced penetration tester who will use their analytical and technical skills to help us in making our IT environment more resilient.

About You

You're a curious and detail-oriented security professional who enjoys the challenge of finding vulnerabilities in complex systems. You have strong analytical skills and can communicate technical concepts clearly to both technical and non-technical audiences. You're passionate about cybersecurity and stay current with emerging threats and attack techniques.

We are looking for candidates who meet these requirements:

• At least 4 years of experience in information security and penetration testing

• Expert knowledge of OWASP Top 10 Vulnerabilities, testing procedures, and remediation recommendations

• Experience in Vulnerability Assessments and Penetration Tests of Web, O365, and SAP systems

• A Bachelor's or Master's degree in Computer Science, Information Security, or related field OR significant work experience in the field

• Industry-relevant certifications (OSCP, CISSP, INE, CEH, etc.) and understanding of security frameworks (ISO27001/2, NIST, OWASP Top 10)

These are additional nice to haves:

• Experience in continuous service and process improvement and automation

• Advanced proficiency in English; additional languages are a plus

• Experience mentoring junior colleagues and building international relationships

• Knowledge of cloud security testing (AWS, Azure, GCP)

• Experience with security tool development or scripting for test automation

• Understanding of DevSecOps practices and security integration into CI/CD pipelines

• Experience in a financial services or insurance environment