Job Description

Lead VAPT projects across multiple domains, including network, application, cloud, mobile, API, and wireless security testing. Conduct manual and automated penetration testing, simulate real-world attacks, and identify exploitable vulnerabilities. Develop and maintain custom scripts, tools, and exploits to support advanced testing scenarios. Reporting, Red Teaming/ Off Sec Testing, Remediation to Vulnerablitiy, DAST / SAST , secure code review, Hardening or Configuration Review. Prepare and deliver detailed technical reports and executive summaries with risk ratings, evidence, and remediation guidance. Collaborate with blue teams and SOC for red/purple teaming and threat emulation exercises. Engage in client communication, providing technical guidance and post-assessment support. Ensure quality assurance across all deliverables and maintain compliance with cybersecurity standards and frameworks. Continuously research new vulnerabilities, attack methods, and testing tools to improve service offerings. Mentor junior team members and contribute to the development of internal methodologies and playbooks.

Required Qualifications:

Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field (or equivalent hands-on experience). Minimum 5 years of hands-on experience in VAPT, offensive security, or ethical hacking. In-depth knowledge of OWASP Top 10, MITRE ATT&CK, NIST, and common vulnerability scoring systems (CVSS). Proficiency with tools such as Burp Suite, Nmap, Metasploit, Nessus, Nikto, Kali Linux, etc. Strong understanding of network protocols, system internals, web/app architectures, and cloud platforms (AWS, Azure, GCP). Scripting experience in Python, Bash, or PowerShell for automation and custom exploits. Excellent communication skills for reporting, documentation, and client interaction.
Preferred Certifications (One or More):

OSCP (Offensive Security Certified Professional) - Strongly preferred CEH, GPEN, CRT, eCPPT, OSCE, or other offensive security credentials Cloud security certifications (e.g., AWS Security Specialty, AZ-500) are a plus
Desirable Skills:

Experience in Red Team, Purple Team, or Threat Emulation engagements Exposure to DevSecOps, CI/CD pipelines, and integrating security in SDLC Familiarity with compliance-driven testing (e.g., PCI DSS, ISO 27001, SOC 2, HIPAA) Client-facing experience in a consulting or MSSP environment
Job Type: Full-time

Pay: ?50,000.00 - ?100,000.00 per month

Benefits:

Provident Fund
Work Location: In person