Security Analyst - VAPT

Job Overview:

The Security Testing Engineer will be responsible for executing end-to-end security testing assignments, including vulnerability assessment, penetration testing, secure code reviews, and configuration assessments across systems, networks, web, mobile, and cloud environments. The role demands a blend of strong technical expertise, analytical thinking, and effective communication to ensure timely and high-quality delivery of security testing services to clients.

Major Objectives of the Job:

1. Security Testing Service Delivery

• Conduct Vulnerability Assessment and Penetration Testing (VA/PT) across systems, networks, web, and mobile applications.
• Perform Secure Code Review using SAST and DAST methodologies.
• Execute Secure Configuration Reviews for both cloud and on-premise environments.
• Review and validate technical findings, test plans, test cases, and final reports for accuracy and completeness.
• Ensure timely delivery and distribution of detailed security testing reports.
• Provide actionable recommendations and remediation guidance to customers.
• Address and resolve client issues and escalations effectively.

2. Quality and Efficiency

• Maintain accuracy in defining project scope and deliverables.
• Uphold the quality of testing processes and reporting standards.
• Communicate findings and technical insights clearly in both oral and written forms.
• Ensure on-time project delivery and high client satisfaction.
• Achieve a high rate of client issue resolution.

3. Security Testing Process Efficiency

• Develop and adhere to standardized testing processes.
• Build and utilize automation frameworks and tools to enhance testing efficiency.
• Create and maintain scripts for repetitive testing tasks.
• Continuously improve average testing time per target through optimized workflows.

4. Continuous Improvement & Innovation

• Contribute innovative ideas and approaches to improve security testing methodologies.
• Stay updated with the latest tools, exploits, and vulnerability trends.
• Pursue relevant security certifications and continuous learning.
• Develop custom tools or scripts to enhance testing coverage and efficiency.

Required Qualifications & Skills:

Experience:

• 1–3 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VA/PT).

Technical Skills:

• Proficiency in scripting/programming: Java, PHP, Python, JavaScript, or .NET.
• Strong understanding of database concepts and ability to execute queries.
• Solid grasp of network protocols, architectures, and common vulnerabilities.
• Exposure to tools such as Burp Suite, Nmap, Metasploit, Nessus, OWASP ZAP, etc.

Certifications (Preferred):

• CEH, eJPT, CRTP, OSCP, or equivalent industry certifications.