Bestkaam Logo
Back to Jobs
Ford Motor Company

Cyber Security Analyst - Penetration Tester

Actively Reviewing

Ford Motor Company

Chennai Full-Time 1–2 yrs exp Posted 1 month ago  · Apply by Jul 18, 2026
Job Description

Cyber Security Analyst – Penetration Testing is responsible for performing security assessments for applications, infrastructure and emerging technologies, guiding product / service teams in secure design and implementation of IT systems.

Responsibilities

Position responsibilities include:

  • Perform Penetration tests for high-risk Enterprise IT assets.
  • Gain understanding of the business process, application architecture, IT infrastructure and interaction with external entities.
  • Work with PDO team to define and agree the scope of the test.
  • Perform Pen testing for web / mobile applications to verify security implementation and identify vulnerabilities; this includes testing for broken access control, identification and authentication failures, injection, insecure design, security misconfiguration, cryptographic failures, usage of vulnerable and outdated components.
  • Conduct penetration testing activities in an ethical and responsible manner, ensuring that the organization's systems are not negatively impacted by the testing.
  • Assess the risk of identified vulnerabilities by evaluating likelihood and impact, propose countermeasures and remediation.
  • Document and effectively communicate the technical findings and recommendations to non-technical stakeholders, such as management and business leaders, in a clear and understandable manner.
  • Follow security governance process for issue tracking and closure. Ensure that security improvement actions are evaluated, validated, and implemented as required.
  • Use Standard Operating Procedure (SOP) for securely conducting penetration testing studies.
  • Develop, test, and maintain custom security testing scripts for vulnerability testing.
  • Leverage industry best practices to continually improve process maturity.
  • Promote awareness of security issues among application teams and business teams through training and awareness programs.
  • Provide feedback for improving Penetration Testing tools and processes and continuously improve the testing methods.
  • Staying up to date with the latest security trends, tools, and techniques to enhance penetration testing skills and knowledge.
  • Stay updated on emerging technologies.


Qualifications

Skillset required:

  • Experience in different Penetration Testing processes and tools with specialization in web and mobile applications and API services.
  • Experience in security assessment, risk management processes, cyber security threats, vulnerabilities, attack methods and techniques.
  • Knowledge of industry frameworks for penetration testing like OWASP, PTES, MITRE ATT&CK, Metasploit.
  • Ability to understand complex information system architecture and business process and develop attack methods.
  • Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Experience in deploying various attack methods and techniques (DDoS, brute force, spoofing, Injection attacks etc.).
  • Experience in creating and extracting important information from packet captures.
  • Knowledge and experience in applying cryptography, including encryption, hashing, key management, digital certificates, and TLS, to protect data and communications.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of cloud security, API security and AI security.
  • Knowledge of identity and access management systems (e.g.: OAuth, OpenID, SAML).
  • Knowledge of organization's information security policies, standards, and procedures.
  • Knowledge of laws, regulations, policies, and ethics related to cybersecurity and privacy.
  • Excellent analytical, communication, documentation, and presentation skills.
  • Knowledge of emerging technologies like AI/ML, Zero Trust, LCNC etc. and willingness to learn new technologies and concepts.


Qualifications required:

  • Bachelor’s degree in computer science, Cyber Security, or related field of study
  • 2+ years of experience in Cyber Security or related fields of IT.
  • Knowledge of Penetration Testing Framework such as OWASP, MITRE ATT&CK, Metasploit etc.
  • Cyber security certifications like OSCP, CEH, GPEN, Pentest+ are highly desirable.