Position Overview

We are seeking a highly skilled and experienced Lead - VAPT to join our cybersecurity team. The ideal candidate will lead a team responsible for conducting vulnerability assessments and penetration testing across diverse environments, ensuring the security and integrity of our systems, networks, and applications.

Key Responsibilities

Leadership and Strategy: Lead and mentor the VAPT team, ensuring the timely delivery of high-quality assessments. Define and implement VAPT processes, methodologies, and best practices. Stay updated with the latest vulnerabilities, exploits, and security trends. Technical Expertise: Conduct and oversee vulnerability assessments and penetration tests on systems, networks, web applications, APIs, and mobile applications. Identify and exploit vulnerabilities to simulate real-world attack scenarios. Provide detailed findings, risk assessments, and remediation recommendations. Reporting and Communication: Create comprehensive and professional assessment reports for technical and non-technical audiences. Communicate findings and risk levels to stakeholders, including senior management. Work closely with development, operations, and IT teams to address identified vulnerabilities. Compliance and Risk Management: Ensure assessments align with industry standards such as OWASP, PCI DSS, ISO 27001, and NIST. Support compliance efforts by providing relevant insights from VAPT activities. Process Improvement: Evaluate and enhance tools, techniques, and processes used for VAPT. Collaborate with cross-functional teams to integrate security into the software development lifecycle (SDLC).

Qualifications and Skills

Bachelor’s degree in Computer Science, Information Security, or a related field. 7+ years of experience in cybersecurity, with a focus on VAPT. Hands-on experience with tools such as Burp Suite, Nessus, Metasploit, Wireshark, Qualys, and Kali Linux. Strong understanding of network security, system vulnerabilities, and secure coding practices. Familiarity with cloud platforms like AWS, Azure, or Google Cloud is a plus. Certifications such as OSCP, CEH, CISSP, CISM, or GWAPT are preferred. Excellent analytical, problem-solving, and communication skills.