Talent.com
This job offer is not available in your country.
Security Engineer (Burp Suite )

Security Engineer (Burp Suite )

HrtxTaguig, Metro Manila, Philippines
17 days ago
Job type
  • Quick Apply
Job description

About the Role

We are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platforms security.

What Youll Do

  • Perform manual security testing on web applications and APIs (REST, GraphQL, gRPC).
  • Identify vulnerabilities such as logic flaws, authentication bypasses, and chained exploits.
  • Simulate real-world attacks and design potential attack paths.
  • Test and analyze security controls like WAFs, rate limits, and authentication systems.
  • Document findings clearly to help engineers fix issues quickly.
  • Explore edge cases and scenarios often missed by automated tools.

What Were Looking For

  • Proven experience in penetration testing of web apps and APIs.
  • Strong knowledge of HTTP, cookies, sessions, JWTs, CORS, and authentication flows.
  • Expertise in AuthN / AuthZ vulnerabilities (OAuth, IDOR, BOLA, SSO bypass).
  • Familiarity with API attack methods (replay attacks, schema issues, parameter pollution).
  • Proficiency with tools like Burp Suite Pro, Postman, sqlmap, jwt_tool, and scripting (Python / Bash).
  • Ability to think like an attacker and uncover hidden risks.
    • Create a job alert for this search

    Security Engineer • Taguig, Metro Manila, Philippines