Job
Description
Role & responsibilities We are looking to add a VAPT specialist to our team! This position will be conducting vulnerability assessments, penetration testing, and security audits to identify, report, and mitigate security weaknesses across applications, networks, and systems. Conduct vulnerability assessments and penetration tests on internal and external applications, networks, and systems. Develop, document, and implement testing methodologies based on industry standards and compliance requirements (e.g., OWASP, NIST, ISO 27001). Identify security risks, potential threats, and vulnerabilities and provide detailed reports with actionable recommendations. Collaborate with development, infrastructure, Network, SOC and application teams to guide them in remediating identified security issues. Perform re-testing to validate remediation actions taken to address vulnerabilities. Stay updated on emerging security threats, vulnerabilities, and tools related to penetration testing. Ensure testing activities comply with relevant security policies, regulatory requirements, and standards. Support the development of VAPT policies, standards, and guidelines. Prepare regular reports and dashboards for management and stakeholders, summarizing findings and status updates. Preferred candidate profile At least 1+ years of experience in vulnerability assessment and penetration testing in both application and network environments. In-depth knowledge of security standards, frameworks, and methodologies, such as OWASP, PTES, and MITRE ATT&CK. Proficiency with security testing tools like Burp Suite, Nessus, Metasploit, Nmap, and Wireshark. Strong understanding of network protocols, application security, and secure coding practices. Familiarity with regulatory standards, such as GDPR, HIPAA, and PCI-DSS, and how they impact VAPT requirements. Ability to communicate complex technical information to both technical and non-technical stakeholders. Relevant certifications (e.g., CEH, OSCP, GIAC GPEN, or GWAPT) are preferred. Vulnerability scanning and penetration testing Threat modeling and risk assessment Security auditing and report writing Collaboration and communication Analytical and problem-solving skills
