Senior Security Engineer

Position: Security Engineer - VAPT & Network Pentesting

Working Days: 5 days (Rotational Shifts)

Experience : 4+ years

Location: Noida Sector-62 ( Work from office)

Role Overview :

Penetration Testing (VAPT). The ideal candidate will be adept at identifying, exploiting, and

reporting security vulnerabilities across various systems, with a primary focus on web, mobile,

and network environments. This role requires a deep understanding of attack vectors, practical

experience with leading security tools, and the ability to articulate complex technical findings

into actionable remediation strategies. While the core focus is VAPT, an understanding of

security compliance standards (SOC 2, ISO 27001, GDPR) as they relate to vulnerability

management and reporting will also be valuable.

Key Responsibilities :

• Lead and execute comprehensive penetration tests on web applications, mobile

applications (iOS/Android), and internal/external networks to identify security

weaknesses.

• Perform in-depth vulnerability assessments and risk evaluations across diverse client

environments, prioritizing threats based on business impact.

• Develop and deliver detailed technical and executive reports, clearly outlining discovered

vulnerabilities, their potential impact, and providing prioritized, actionable remediation

strategies.

• Actively research and stay updated with the latest exploits, attack techniques, security

tools, and industry best practices in penetration testing and vulnerability management.

• Collaborate closely with development, operations, and client teams to guide them

through vulnerability remediation processes and enhance overall security posture.

• Contribute to the continuous improvement of VAPT methodologies, tools, and

processes.

• (Secondary) Assist in understanding and aligning VAPT findings with compliance

Required Qualifications

• 4+ years of dedicated experience in cybersecurity with a significant focus on

  penetration testing and vulnerability assessment

  .
• Specialized in Network Penetration Testing (Manual/Automation)
• Demonstrated proficiency and hands-on experience with industry-standard VAPT tools, including but not limited to:

  Burp Suite, Nmap, Metasploit, Nessus, MobSF

  , and various manual testing techniques.
• Strong practical knowledge of

  OWASP Top 10, SANS Top 25

  , secure coding practices, network protocols, and common attack vectors.
• Proven ability to identify, exploit, and document vulnerabilities in complex systems.
• Excellent report writing and presentation skills, capable of communicating technical risks to both technical and non-technical audiences.
• Understanding of security compliance standards (SOC 2, ISO 27001, GDPR) and their relevance to VAPT findings.

Certifications (Preferred)

• OSCP (Offensive Security Certified Professional) - Highly Valued
• Certified Red Team Professional (CRTP)
• Certified Peniteration Testing Professional(C|PENT)

Nice-to-Have Skills

• Familiarity with DevSecOps pipelines, source code reviews, or CI/CD security

integration.

• Client-facing consulting experience or strong report presentation skills.
• A genuine "Cyber Security vibe" and passion for ethical hacking.

Benefits Offered

• Flexible Work Hours.
• Work on impactful, industry-changing projects.
• Continuous learning and career growth opportunities.
• Collaborative, innovative, and inclusive environment.

agarwal.saumya@thinksys.com