VAPT Security Analyst

Overview

Vaibhav Global Limited (VGL) is a leading electronic retailer of jewelry and lifestyle products. In FY 2023-24, VGL reported a turnover of ~$365 million and employs 4,000+ people globally, with 3,000+ based in Jaipur, India.

Multi-Channel Presence

VGL reaches a broad audience through its TV, e-commerce, and digital retail platforms:

• Shop LC (USA) – Live broadcasts to 60M+ homes with a strong e-commerce presence.
• TJC, UK – Reaches 27M+ homes through TV and digital platforms.
• Shop LC Germany – Broadcasts to 40M+ homes, expanding VGL’s European market presence.
• Ideal World (UK) – Acquired in 2023, a leading UK teleshopping & digital sales platform.
• Mindful Souls – Acquired in 2023, a fast-growing subscription-based e-commerce brand focused on spiritual and wellness products.
  
  

• Your Purchase Feeds… – VGL’s flagship one-for-one meal program has provided 99M+ meals to schoolchildren in India, the US, and the UK.
• Employee Volunteering – Encourages employees to donate two hours monthly for charitable activities.
• Sustainability Commitment – Focused on renewable energy, waste reduction, and green initiatives.
• IGBC Award Winner – Recognized for excellence in green built environments at its Jaipur SEZ unit.
• Assigned a ‘Combined ESG Rating 72 (Strong)’ from ICRA ESG Ratings Limited
  
  

• Humanocracy & Micro-Enterprises – VGL fosters a decentralized, empowered work culture, enabling small, agile teams to drive innovation and ownership.
• Talent Density & Meritocracy – Prioritizing high-performance teams, rewarding talent, and a culture of excellence.
• GPTW Certified – Recognized as a Great Place to Work across India, the US, the UK, and China.
  
  

• Top Exporter Award – Honored by GJEPC for being India’s largest exporter of silver and colored gemstones.
• Operational Excellence – A strong track record in value-driven retail and customer-centric growth.
  
  

The VAPT Security Analyst is responsible for proactively identifying, analyzing, and mitigating security vulnerabilities across applications, infrastructure, and networks. The role involves continuous security monitoring, incident response, threat intelligence analysis, and collaboration with IT and business teams to strengthen the organization’s security posture.

Job Responsibilities

• Security Monitoring & Incident Response
• Monitor security alerts and events from SIEM, EDR, IDS/IPS, and vulnerability scanners.
• Perform initial and intermediate-level investigation of security incidents.
• Validate alerts to differentiate between true positives and false positives.
• Support incident containment and recovery activities as per defined playbooks.
• Escalate advanced threats, lateral movement, or complex attacks to L3 teams.
• Document incident details, actions taken, and closure reports.
• Vulnerability Assessment & Penetration Testing (VAPT)
• Execute scheduled vulnerability scans across servers, endpoints, applications, and cloud workloads.
• Perform authenticated scans and baseline configuration assessments.
• Analyze scan results and prioritize vulnerabilities based on CVSS and business impact.
• Conduct limited-scope penetration testing under defined methodologies and supervision.
• Validate vulnerability remediation and perform re-scans for closure.
• Maintain vulnerability tracking and reporting dashboards.
• Threat Intelligence & Analysis
• Monitor threat advisories, CVEs, vendor bulletins, and security feeds.
• Map relevant threats to internal vulnerabilities and exposed assets.
• Assist in risk scoring and impact analysis for identified threats.
• Support senior analysts in threat-hunting activities when required.
• Security Tools & Technologies
• Operate and manage security tools such as: (Qualys, Nessus, Burpsuite, OpenVAS, Metasploit and Kali)
• SIEM platforms
• EDR/XDR solutions
• Firewalls and IDS/IPS
• Perform tuning of alerts and scan profiles under guidance.
• Support PoCs and evaluations of security tools.
• Policies, Compliance & Reporting
• Ensure security controls align with internal policies and procedures.
• Support compliance activities for ISO 27001, PCI DSS, SOC, etc.
• Assist in evidence collection and audit support activities.
• Prepare operational security reports for management review.
• Security Awareness & Support
• Provide guidance to IT and application teams on vulnerability remediation.
• Support security awareness initiatives and phishing campaigns.
  

• Bachelor’s degree in computer science, Information Security, or related field.
• CEH, OSCP, GWAPT, CRTO, or equivalent
• 3–6 years of experience in VAPT, SOC, or Cybersecurity operations.
• Hands-on experience with vulnerability scanning and penetration testing tools.
• Strong understanding of OWASP Top 10, and SANS 25 CVSS scoring, MITRE ATT&CK framework.
• Knowledge of network, application, and cloud security concepts (Azure preferred).
• Experience with compliance frameworks (PCI DSS, ISO 27001, SOC).
  
  

• The Great
• A fun-life
• Culture of openness and flexibility allows employees to keep growing and gravitating to roles that fit their talents and passions.
• Attractive financial package for top