Senior Security Engineer
CDK Global India Pvt Ltd
Hyderabad
Not disclosed
Job Details
Job Description
Penetration Tester
About Us
CDK Global is a leading provider of cloud-based software to dealerships and Original Equipment Manufacturers (“OEMs”) across automotive and related industries. The Company’s cloud-based, software as a service (“SaaS”) platform enables dealerships to manage their end-to-end business operations including the acquisition, sale, financing, insuring, repair, and maintenance of vehicles. By automating and streamlining critical workflows, the integrated platform of modern solutions enables dealers to sell and service more vehicles by creating simple and convenient experiences for customers and improves their financial and operational performance.
Position Summary
CDK Global is seeking a skilled Penetration Tester with 3–6 years of experience across Web, API, Infrastructure, and Red Teaming disciplines. In this role, you will perform manual penetration tests on CDK’s products, platforms, APIs, and cloud environments. You will also support CDK’s internal red‑team and adversary simulation efforts, assess third‑party/vendor tools used across CDK, and collaborate with our DAST team to convert recurring vulnerabilities into automated test cases.
This position is a key part of CDK’s broader Application Security function and directly contributes to strengthening CDK’s overall security posture.
Responsibilities
1. Manual Web & API Penetration Testing
Perform in‑depth penetration testing on CDK applications (web, internal, customer-facing, and APIs).
Identify authentication, authorization, logic, and input‑handling weaknesses.
Assess REST/GraphQL APIs supporting CDK products for schema abuse, rate-limiting issues, BOLA, and access control gaps.
2. Infrastructure & Network Penetration Testing
Conduct internal and external network pentests across CDK environments.
Perform enumeration, service analysis, firewall/ACL review, privilege escalation on Windows/Linux, and AD attack path identification.
3. Red Teaming / Adversary Simulation
Participate in CDK’s red‑team exercises, including initial access vectors, lateral movement, privilege escalation, and persistence.
Assist in developing realistic attack paths targeting CDK infrastructure and applications.
Support purple-team efforts with CDK detection and SecOps teams.
4. AI/LLM Security Testing
Evaluate CDK’s AI-enabled or LLM-integrated services for prompt injection, data leakage, jailbreak scenarios, insecure plugin/tooling integration, and model abuse pathways.
5. Vendor & Third‑Party Security Assessments
Conduct security evaluations for third-party tools and SaaS platforms considered for onboarding at CDK.
Review architecture, certifications, posture, and integration risks; provide recommendations to CDK stakeholders.
6. Collaboration with CDK’s DAST & Automation Teams
Identify recurring findings from CDK products and assist the DAST team in automating these tests.
Provide reproducible PoCs, templates, and test case structures to strengthen CDK’s automation coverage.
7. Vulnerability Reporting & Coordination
Document vulnerabilities in CDK’s centralized vulnerability management system (e.g., DefectDojo).
Provide risk context, remediation guidance, and work with CDK engineering teams during fix validation.
8. Contributing to Secure SDLC Maturity at CDK
Support CDK’s secure engineering practices by contributing to AppSec playbooks, checklists, and guidelines.
Partner closely with product engineering, platform security, and cloud teams across CDK.
Qualifications
3–6 years of hands-on experience in web, API, and infrastructure penetration testing.
Strong understanding of OWASP Top 10, API Top 10, MITRE ATT&CK, and common cloud/infrastructure attack surfaces.
Practical experience with:
Burp Suite, ZAP
nmap, ffuf, sqlmap
Nessus/Qualys (optional)
PowerShell, Bash, Python scripts
Strong reporting skills (clear PoCs, evidence, exploitable impact)
Experience engaging with engineering teams during retest cycles.
Preferred Qualifications
Experience with CDK-like large enterprise environments, multi-tier products, or cloud/SaaS platforms.
Exposure to container/Kubernetes security.
Purple teaming experience with detection engineering teams.
Certifications: OSCP, eWPT, CRTP, eWPTX, CEH, GWAPT (optional).
Strong attacker mindset, curiosity, and creativity.
Clear and effective communication with CDK stakeholders.
Ability to prioritize based on business and customer impact.
Ownership, accountability, and collaborative problem-solving.
At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact.
CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law.
Applicants for employment in the US must be authorized to work in the US. CDK may offer employer visa sponsorship to applicants.
Experience Level
Senior Level
Job role
Work location
India - Hyderabad
Department
Security Services
Role / Category
Security Services
Employment type
Full Time
Shift
Day Shift
Job requirements
Experience
Min. 5 years
About company
Name
CDK Global India Pvt Ltd
Job posted by CDK Global India Pvt Ltd