VAPT Engineer - Penetration Testing

As a Sr. Security Analyst/ Team Lead in Gurugram, your role will involve daily assessment of vulnerabilities identified by infrastructure scan. You will assist in reviewing vulnerabilities" data from multiple sources across various technologies to determine risk ratings of vulnerabilities to business assets. Your responsibilities will include performing penetration tests on computer systems, networks, web-based, and mobile applications. Additionally, you will conduct security and network audits to assess system adherence to predetermined standards. Key Responsibilities: - Perform penetration tests on computer systems, networks, web-based, and mobile applications - Evaluate, rate, and perform risk assessments on assets - Prioritize vulnerabilities discovered and define remediation timelines - Communicate vulnerabilities to Subject Matter Experts (SMEs) within the environment - Interact with global teams such as security architecture, penetration testing, application development, and Risk Officers - Maintain knowledge of the threat landscape - Provide vulnerability analysis and ensure scan results are presented effectively in dashboards and reports Qualifications Required: - Knowledge of application, network, mobile, and operating system security - Experience with vulnerability assessment, penetration testing, and patch assessment - Good understanding of Windows and Linux patching - Familiarity with vulnerability scoring systems such as CVSS/CMSS - Proficiency in VA/PT tools - Ability to learn new technologies - Excellent writing and presentation skills for effective communication of findings - Detail-oriented, organized, and methodical with analytical thought process As a candidate for this position, you should have at least 5 years of work experience in the TVM domain. Possessing IT Security Certifications such as Certified Vulnerability Assessor (CVA), Certified Ethical Hacker (CEH), CIPP, CRISC, CISA, CISSP, or CISM will be beneficial for your application. Please note that the company's additional details were not provided in the job description.,