VAPT Professional(Senior consultant)

Job Summary:

We are seeking an experienced Vulnerability Assessment and Penetration Testing (VAPT) Professional to perform comprehensive security testing across applications, networks, cloud, and infrastructure. The role involves identifying vulnerabilities, simulating real-world attacks, supporting SOC teams, and ensuring strong security posture across the organization.

Key Responsibilities:

1. Conduct continuous vulnerability assessments of infrastructure and support phishing analysis.

2. Perform VAPT on web apps, mobile apps, APIs, networks, servers, endpoints, and cloud platforms.

3. Identify security flaws using manual techniques and automated tools.

4. Prepare detailed technical reports, including PoC, risk ratings, and mitigation strategies.

5. Collaborate with development, DevOps, and infrastructure teams to remediate vulnerabilities.

6. Assist in red teaming, phishing campaigns, and social engineering assessments.

7. Perform re-testing after fixes to validate security improvements.

Required Qualifications:

1. B.E/B.Tech / MCA / MBA / PG in Computer Science or related fields (Minimum 60% / First Division).

2. Strong foundational knowledge of cybersecurity, networks, operating systems, and application security.

3. OSCP – Offensive Security Certified Professional (Highly Preferred), CEH – Certified Ethical Hacker, GPEN, CPT, or equivalent certifications in Penetration Testing.

4. Certifications in Application Security, Network Security, or Cloud Security are a plus.

5. Minimum 5 years of experience in Vulnerability Assessment & Penetration Testing, Web/mobile app security testing, Network & cloud penetration testing, Phishing analysis and hands-on security assessments.

Required Skills:

1. Hands-on expertise in identifying and exploiting vulnerabilities in Web applications, Mobile applications, Internal & external networks, Cloud infrastructure.

2. Proficiency with tools like Burp Suite, Nessus, Nmap, Metasploit, Nikto, OWASP ZAP, etc.

3. Scripting knowledge in Python, Bash, or PowerShell for automation and custom exploits.

4. Strong understanding of OWASP Top 10, SANS 25, CVSS scoring, and secure coding practices.

5. Experience working on phishing analysis, threat hunting, or red teaming is a strong advantage.

6. Experience delivering technical and executive-level VAPT reports.

Job Type: Full-time

Benefits:

• Provident Fund

Work Location: In person