Job
Description
Employment Type: [Full Time] Job Summary: We are seeking a skilled VAPT Engineer to identify, assess, and mitigate security vulnerabilities in our applications, networks, and IT infrastructure. The ideal candidate will be proficient in conducting manual and automated testing to uncover weaknesses, providing actionable recommendations for remediation, and ensuring the security of our systems against emerging threats. Key Responsibilities: Perform vulnerability assessments and penetration tests on networks, web applications, APIs, mobile applications, and cloud environments. Container Security on Cloud and On Prem Containers Use both automated tools (e.g., Nessus, Burp Suite, Metasploit, Qualys, Acunetix) and manual techniques to identify security vulnerabilities and exploit them in a controlled manner. Develop detailed technical reports on findings, including the severity of vulnerabilities and actionable mitigation strategies. Collaborate with development and IT teams to remediate identified vulnerabilities and enhance security configurations. Conduct post remediation testing to ensure vulnerabilities have been addressed effectively. Stay updated on emerging vulnerabilities, threats, and attack vectors to continuously refine testing methodologies. Coordinating with relevant stake holders/ Application owners for timely closure of vulnerabilities. Ensure compliance with applicable security standards and frameworks (e.g., OWASP Top 10, SANS 25, ISO 27001, PCI DSS). Contribute to the creation and enhancement of security policies and best practices. Required Qualifications: Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). 2 5 years of hands on experience in Vulnerability Assessment and Penetration Testing. Strong knowledge of OWASP Top 10, SANS 25, and common security vulnerabilities and exploits. Proficiency in using penetration testing tools such as Nessus, Burp Suite, Metasploit, Qualys, Acunetix, and others. Familiarity with manual testing techniques, scripting, and basic programming skills (Python, Bash, or PowerShell). Solid understanding of network protocols, operating systems, and security concepts. Strong analytical and problem solving skills, with the ability to explain technical findings to non technical stakeholders. Preferred Certifications: Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) CompTIA PenTest+
