Are you passionate about offensive security and ready to take on advanced cybersecurity challenges? We are seeking a highly skilled Senior VAPT Consultant with 57 years of hands-on experience in penetration testing and vulnerability assessments across diverse environments. Join us to lead critical security projects, simulate real-world attacks, and help safeguard our systems.

Key Responsibilities :

Lead and execute end-to-end VAPT projects covering :

- Web and Mobile Applications

- Internal and External Networks

- APIs and Cloud environments (AWS, Azure, GCP)

- Thick/Thin Client Applications

- Perform both manual and automated penetration testing and vulnerability assessments using industry-standard tools and techniques.

- Simulate real-world attack scenarios such as phishing, social engineering, and advanced persistent threats to identify risks.

- Conduct threat modeling and risk analysis to prioritize vulnerabilities based on business impact.

- Deliver detailed, clear, and actionable reports including proof of concept (PoC), risk ratings, and remediation guidance tailored for technical and business stakeholders.

- Collaborate closely with development, infrastructure, and security teams to implement effective remediation strategies and verify fixes.

- Develop and maintain security testing methodologies, checklists, and playbooks to ensure consistent, high-quality assessments.

- Stay updated with the latest security vulnerabilities, exploits, attack techniques, and compliance requirements.

- Mentor junior security analysts and provide technical guidance in security testing processes.

- Participate in security audits, compliance assessments, and contribute to organizational security policies and procedures.

- Engage in proactive threat hunting and continuous security improvement initiatives.

- Advocate for security best practices across the development lifecycle (DevSecOps) and cloud environments.

What You Bring :

- 5 - 7 years of proven experience in penetration testing and vulnerability assessment (VAPT).

- Strong understanding of OWASP Top 10, API security risks, network protocols, and firewalls.

- Hands-on expertise with tools like Burp Suite Pro, Metasploit, Nmap, Wireshark, Nessus, and others.

- Proficiency in scripting languages such as Python, Bash, and PowerShell.

- Familiarity with Active Directory, Linux, and Windows internals.

- Excellent communication and reporting skills to effectively convey findings to technical and non-technical stakeholders.

Preferred Certifications :