We are looking for a Security Analyst I – Application Security with strong hands-on experience in testing Web, Mobile, and API security. This role requires independent execution of AppSec engagements, in-depth vulnerability analysis, and active collaboration to improve the application security posture.
Key Responsibilities
Independently perform Application Security Testing and Penetration Testing for:
Web applications
Thick clients
Web services and APIs
Conduct end-to-end Mobile Application Security Assessments for Android and iOS platforms.
Perform API security testing, including authentication, authorization, and business logic validation.
Execute Static Code Analysis (SAST) and manual secure code reviews to identify vulnerabilities early in the SDLC.
Execute Static Application Security Testing or Secure Code Review with tools such as Checkmarx, HCL App Scan, or similar.
Analyze, validate, and prioritize vulnerabilities based on risk and exploitability.
Prepare detailed technical and executive-level security reports for clients.
Work closely with internal/external teams to explain findings, recommend secure coding practices, and validate remediation.
Stay updated with the latest vulnerabilities, tools, and attack techniques in application security.
Requirements
Requirement:
2+ years of work experience in Application Security Testing
Strong understanding of OWASP Top 10, OWASP Mobile Top 10, and API security risks.
Proven experience exploiting vulnerabilities such as SQL Injection, XSS, IDOR, SSRF, CSRF, authentication flaws, and business logic issues.
Good To Have:
Hands-on expertise with: Burp Suite (advanced usage for testing and exploitation) & Checkmarx / Fortify or similar SAST tools.
Good understanding of secure SDLC, application architecture, and modern authentication mechanisms (OAuth, JWT, etc.).
Ability to communicate complex technical issues clearly to both technical and non-technical stakeholders.
Strong English communication and documentation skills.
CREST (Council of Registered Ethical Security Testers)
CEH (Certified Ethical Hacker) – Acceptable alternative
Benefits
Why You'll Enjoy Working at Kratikal:
Get the fast learning and exciting environment of a startup, combined with the stable work and strong performance of a bigger company. There's lots of room to learn, grow, and share your ideas.
We also provide good benefits like health insurance, a gratuity payment, and Employees' Provident Fund (a savings plan for your future).
We are an equal opportunity employer, where everyone has a fair chance.
About Us:
Kratikal Tech Limited is a leading B2B cybersecurity firm offering cutting-edge cybersecurity solutions and services such as Network Security Audits, Compliance Implementation, IoT Security, and VAPT. Serving over 150+ enterprise customers and 1825+ SMEs across industries, including E-commerce, Fintech, BFSI, NBFC, Telecom, Consumer Internet, Cloud Service Platforms, Manufacturing, and Healthcare, Kratikal is dedicated to helping organizations combat cybercriminals using advanced, technology-driven cybersecurity solutions.
The company also develops in-house cybersecurity products, including AutoSecT, competing with industry giants, alongside TSAT (Threatcop Security Awareness Training), TDMARC (Threatcop DMARC), TLMS (Threatcop Learning Management System), and TPIR (Threatcop Phishing Incident Response). These products have received numerous awards and recognitions for their innovation and effectiveness. Kratikal has been honored as the Top Cyber Security Startup at the 12th Top 100 CISO Awards. With a global reach, Kratikal collaborates with renowned organizations to secure their digital landscapes. For more information, visit our websites at www.kratikal.com and www.threatcop.com.