VAPT - SME - CHN

About the Role:

We are seeking a highly skilled and experienced Vulnerability Assessment Subject Matter Expert (SME) to join our dynamic team. This role is critical to safeguarding the organization's information assets by identifying, assessing, and mitigating vulnerabilities across systems and environments.

Roles and Responsibilities

• Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys)
• Analyze assessment results to identify, prioritize, and report risks
• Develop and maintain standardized vulnerability management processes and procedures
• Coordinate remediation activities with relevant stakeholders across IT and business units
• Perform penetration testing to evaluate the effectiveness of security controls
• Stay current with emerging security threats, vulnerabilities, and mitigation techniques

Relevant Skills and Experience

• 515 years of experience in vulnerability assessment, penetration testing, or related security domains
• Strong understanding of vulnerability management principles, frameworks, and best practices
• Proficiency in using vulnerability scanning tools (e.g., Nessus, Tenable, Qualys)
• Hands-on experience with penetration testing methodologies (e.g., black box, gray box, white box)
• In-depth knowledge of common security threats, vulnerabilities, and attack vectors
• Experience with network and system security tools (e.g., firewalls, IDS/IPS, antivirus)
• Experience in web application security testing (e.g., OWASP Top 10)
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis
• Experience in cloud security across platforms (e.g., AWS, Azure, GCP)
• Familiarity with source code analysis tools and techniques
• Experience with threat intelligence platforms and IOC (Indicators of Compromise) analysis
• Expertise in threat modeling, threat hunting, and manual vulnerability assessments
• Exposure to dark web monitoring and analysis

Qualifications

• Bachelors degree in Computer Science, Information Technology, or a related field
• Relevant security certifications (e.g., CISSP, CISM, CEH, OSCP)
• Strong analytical and problem-solving skills
• Excellent communication and interpersonal abilities
• Ability to work independently and collaboratively in cross-functional teams

Preferred Additional Skills

• Experience in mobile application security testing
• Exposure to security incident response and forensics