Vapt and Penetration Tester

Overview

Job Summary:

We are seeking a highly experienced “Senior VAPT & Penetration Testing Specialist” to lead and ensure the quality and effectiveness of our vulnerability assessment and penetration testing operations. This role involves findings, validating findings, reviewing technical reports, ensuring compliance with standards (OWASP, PTES, NIST, etc.), and improving methodologies and tools.

Key Responsibilities:

• Conduct in-depth vulnerability assessments and penetration tests on web, mobile, network, API, and cloud infrastructure using manual and automation.
• Utilize industry-standard tools like SQLMap, Burp Suite, Nessus, Nmap, and custom scripts for advanced exploitation techniques.
• Simulate various cyber-attacks including DDoS, Brute Force, XSS, SQL Injection, DNS attacks, and Social Engineering to identify system vulnerabilities.
• Perform peer reviews of technical deliverables and verify accuracy of findings and recommendations.
• Ensure that all assessments are aligned with industry standards such as OWASP, PTES, MITRE ATT&CK, and NIST.
• Act as a technical lead and mentor for junior VAPT team and QA team members.
• Identify gaps in the current testing methodologies and implement process improvements.
• Prepare detailed documentation and the VA report and ensure clear, actionable, and risk-rated reporting.
• Collaborate with clients and internal teams to understand scope and provide post-assessment clarifications.
• Present the client meeting for the future VAPT assignments.
• Stay updated with emerging threats, tools, techniques, and frameworks.

Required Skills & Qualifications:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field.
• 3 to 5 years of hands-on experience in VAPT and penetration testing.
• In-depth knowledge of web, network, mobile, cloud, and API security.
• Strong understanding of secure coding practices and vulnerability management.
• Expertise in tools like Burp Suite, Nmap, Nessus, Metasploit, Qualys, Kali Linux, Wireshark, etc.
• Familiarity with SIEM, IDS/IPS, EDR tools is a plus.
• Excellent report writing and documentation skills.
• Strong communication and overseas client-interaction skills.

Preferred Certifications:

• OSCP (Offensive Security Certified Professional) – Highly preferred
• CEH (Certified Ethical Hacker)
• CREST / GPEN / GWAPT / CISSP – Optional but desirable
• ISO 27001 Lead Auditor or Lead Implementer – Added advantage

Job Type: Full-time

Pay: Up to ₹1,800,000.00 per year

Schedule:

• Monday to Friday
• UK shift

Work Location: In person

Speak with the employer
+91 9429521724