NeGD Security Tester Recruitment 2026

About This Job

National e-Governance Division (NeGD) is hiring 1 Security Tester for the UMANG 2.0 project on a contractual, full-time basis. If you have B.Tech in IT / CS or a related field and 3+ years of IT industry experience, you can apply online. The work location is New Delhi / Noida, and the last date shown on the official ORA job row is 17 June 2026. Salary, age limit, and application fee are not mentioned in the official ORA details.

NeGD Security Tester Recruitment 2026 - 1 Post

The official Online Recruitment Application portal of Digital India Corporation lists this opening under the NeGD division and the UMANG 2.0 project. The role is meant for a security testing professional who can test web applications, mobile applications, APIs, and AWS cloud environments. This is a contractual job category with a full-time position type, and the official row marks travel as not required.

This job is best suited for someone who has already worked on penetration testing, vulnerability assessment, cloud security, reverse engineering, and incident response. The official role details mention OWASP Top 10 for web, API, and mobile applications, CIS AWS Foundations Benchmark v3.0.0, CERT-In related incident handling, Burp Suite, Metasploit, Nmap, secure coding, and secure software development lifecycle work. If your current work includes security testing across web, mobile, API, and cloud platforms, this opening matches that background closely.

Who Can Apply?

Educational Qualification

• Qualification: You need B.Tech in IT / CS or a related field.
• Experience: You need 3+ years of experience in the IT industry.
• Preferred certifications: AWS Certified Cloud Practitioner and AWS Certified Security - Specialty are listed as desirable certifications.

Security Testing Experience Mentioned

• Penetration testing: You should be able to test web applications, Android and iOS mobile apps, APIs, and AWS cloud environments.
• Reverse engineering: The official details mention reverse engineering of mobile applications to identify vulnerabilities and possible security flaws.
• Vulnerability assessment: You should be able to identify, prioritise, document, and explain security risks using industry-standard tools and techniques.
• Incident response: The role includes responding to security issues raised by CERT-In and other regulatory bodies and giving remediation recommendations.
• Security frameworks: You should understand OWASP Top 10 for web applications, APIs, and mobile apps, along with the CIS AWS Foundations Benchmark v3.0.0.

Preferred Skills

• Tools: Experience with Burp Suite, Metasploit, and Nmap is mentioned in the official details.
• Cloud security: You should have a strong understanding of cloud security, especially AWS environments.
• Communication: You should be able to explain complex security issues to technical and non-technical stakeholders.
• Secure development: Knowledge of secure coding practices and secure software development lifecycle is useful for this role.
• Problem solving: Strong analytical and problem-solving skills are expected for this security testing role.

Role Fit

• Apply if you have tested real web applications, mobile applications, APIs, and cloud infrastructure, not only training lab systems.
• Apply if you can use tools such as Burp Suite, Metasploit, and Nmap and explain the risk in clear language.
• Apply if you understand OWASP Top 10 for web, mobile, and API security and can apply it during practical testing.
• Apply if your experience includes AWS cloud security, CIS benchmark checks, CERT-In issue handling, and remediation recommendations.
• Check carefully before applying if your IT industry experience is below 3 years, because the official ORA row clearly asks for 3+ years.

Application Fee

• Application fee: The official ORA job details do not mention any fee for this Security Tester post.

Selection Process

The official ORA job row does not publish a written exam pattern, interview schedule, or detailed selection stages for this post. Do not assume a test date, interview date, or shortlist rule unless NeGD or Digital India Corporation publishes it later on the official ORA portal.

1. Written exam: Not mentioned in the official ORA job details.
2. Interview or screening: Detailed stages are not published in the official ORA row for this post.
3. Candidate updates: After applying, keep checking your registered email, mobile number, and ORA account for official communication.

How to Apply

1. Go to the official Online Recruitment Application portal at ora.digitalindiacorporation.in.
2. Open the registration page and create your ORA account with your mobile number or email ID.
3. In the job list, find the row with Division: NeGD, Project: UMANG 2.0, and Job Title: Security Tester.
4. Open the job details again and confirm the qualification, experience, location, travel status, and last date.
5. Fill in your personal, education, security testing, cloud security, and tool experience details carefully.
6. Upload documents only as asked by the official ORA portal.
7. Review the form before final submission, especially your B.Tech details, IT experience, and security testing skills.
8. Submit the online application before 17 June 2026.

Important Dates

• Official ORA row created: 10 June 2026
• Last Date to Apply Online: 17 June 2026
• Exam / Interview Date: Not mentioned in the official ORA details

• Conduct penetration testing on web applications, mobile applications, APIs, and AWS cloud environments
• Perform reverse engineering on mobile apps to find vulnerabilities and security flaws
• Assess applications and cloud infrastructure to identify, prioritise, and document security risks
• Use security testing tools and techniques to verify weaknesses and prepare remediation inputs
• Respond to security incidents and issues raised by CERT-In and other regulatory bodies
• Apply OWASP Top 10 guidance for web, API, and mobile security testing
• Follow CIS AWS Foundations Benchmark v3.0.0 while reviewing AWS cloud security
• Explain security findings clearly to technical and non-technical stakeholders