VAPT Professional

Job description

As a Vulnerability Assessment and Penetration Testing (VAPT) Security Professional, you will lead comprehensive security evaluations to identify, exploit, and remediate vulnerabilities across networks, applications, and systems. You will simulate real-world cyberattacks using ethical hacking methodologies to assess the security posture and help safeguard critical business assets of the clients. Your role involves collaborating with IT and Security teams of the clients to recommend effective security controls, preparing detailed technical reports, and staying current with emerging threats and tools.

Key Responsibilities:

· Conduct thorough vulnerability assessments and penetration tests on infrastructure, web applications, APIs, and cloud environments.

· Analyze security findings and provide actionable remediation recommendations.

· Develop and execute detailed test plans aligned with business and compliance requirements.

· Simulate social engineering and physical security assessments as part of comprehensive testing.

· Document methodologies, findings, and mitigation strategies in clear, professional reports for technical and non-technical stakeholders.

· Continuously update knowledge on latest vulnerabilities, attack techniques, and security tools.

· Mentor junior team members and contribute to security awareness initiatives.

Qualifications:

· Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.

· Relevant certifications such as:

o Certified Ethical Hacker (CEH)

o Offensive Security Certified Professional (OSCP)

o GIAC Penetration Tester (GPEN)

o Certified Information Systems Security Professional (CISSP) (preferred)

· Strong understanding of network protocols, operating systems (Windows, Linux), and web technologies.

· Proficiency with penetration testing and vulnerability assessment tools like Metasploit, Burp Suite, Nmap, OWASP ZAP, Nessus, SQLMap, Wireshark, and others.

· Knowledge of security frameworks, standards, and regulatory compliance (e.g., SEBI, compliance).

· Experience with scripting or programming languages (Python, PowerShell) to develop custom testing tools or automate tasks.

· Excellent analytical, problem-solving, and communication skills.

Experience:

· Minimum 1-3 years of hands-on experience in penetration testing and vulnerability assessment.

· Proven track record of conducting end-to-end penetration tests and vulnerability assessments in enterprise environments.

· Experience in testing a variety of environments including on-premises networks, cloud platforms, web and mobile applications.

· Familiarity with social engineering techniques and physical security assessments is a plus.

· Experience in preparing detailed technical reports and presenting findings to diverse audiences.