Information Security Analyst (VAPT)
Job Description

Key Responsibilities, Deliverables / Outcomes:

Project Leadership
- Lead and manage Vulnerability Assessment and Penetration Testing (VAPT) and security assessment/testing engagements end-to-end for small and medium-sized organizations.
- Act as the primary technical and engagement lead for key client accounts.
- Ensure timely delivery, quality assurance, and stakeholder communication throughout project lifecycles.
- Provide mentorship and guidance to junior consultants.

Technical Execution
- Perform and review Web application, Mobile, API, Network, Cloud (Azure/AWS/GCP), and Configuration assessments.
- Maintain technical excellence across multiple service lines, staying updated on the latest vulnerabilities, tools, and attack techniques.
- Conduct business logic reviews, threat modelling, and red teaming exercises as needed.
- Perform CIS benchmark audits for operating systems (server class and endpoint OS), network devices (firewalls, routers, switches), and databases.

Client Engagement
- Act as a trusted advisor to clients, providing strategic security recommendations and actionable insights.
- Be ready for onsite visits, workshops, and executive-level presentations when required.
- Handle sensitive engagements with professionalism and discretion.
- Available for onsite assessment in UAE.

Presales Support
- Support RFP responses, proposal writing, and technical solutioning.
- Participate in client sales meetings and scoping discussions.
- Provide accurate effort estimations and help define delivery models.

Practice Development
- Drive internal initiatives to improve quality, efficiency, and innovation in service delivery.
- Contribute to the development and refinement of security testing services and methodologies as per industry standards.
- Create technical content, whitepapers, or knowledge base articles to support team growth.

Key Skills Required
- 2-4 years of hands-on experience in penetration testing or offensive security.
- Proven track record of security assessments with small or medium-sized client organizations.
- Expertise in Web, Mobile, Network, API, Cloud, Configuration Reviews, and/or Red Teaming.
- Familiarity with security standards such as OWASP, PTES, NIST, and MITRE ATT&CK.
- Strong communication and client-facing skills.
- Experience supporting presales efforts, including proposals, SOWs, and client discussions.
- Certifications such as CEH, CPT, CEPT, CCPT, CRTOP, LPT, OSCP, OSWA, CRTO, CREST, CRT/CCT, GPEN or equivalent.

Key Competencies
- Accountability
- Analytics Skills
- Communications - Oral & Written
- Passion for learning
- Adaptability