Key Responsibilities:
Conduct thorough Vulnerability Assessments and Penetration Testing on applications, networks, systems, and infrastructure.
Identify security weaknesses and recommend appropriate remediation strategies.
Develop and execute test plans, including black-box, white-box, and gray-box testing methodologies.
Collaborate with IT and development teams to ensure timely mitigation of discovered vulnerabilities.
Perform regular security audits and risk assessments.
Maintain up-to-date knowledge of the latest security threats, vulnerabilities, and compliance requirements.
Document findings and produce detailed reports with actionable recommendations for technical and non-technical stakeholders.
Assist in the development and implementation of security policies, procedures, and controls.
Support incident response activities and investigations related to security breaches or vulnerabilities.
Stay current with industry best practices, tools, and methodologies related to VAPT and information security.
Required Skills and Qualifications:
Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
Proven experience as an Information Security Engineer, Security Analyst, or similar role.
Strong hands-on experience with Vulnerability Assessment and Penetration Testing (VAPT) tools such as Nessus, Qualys, Burp Suite, Metasploit, Nmap, Wireshark, or similar.
Solid understanding of network protocols, operating systems (Windows, Linux), and common application architectures.
Knowledge of secure coding practices and software development life cycle (SDLC).
Familiarity with industry standards and frameworks such as OWASP, NIST, ISO 27001, PCI-DSS, and CIS benchmarks.
Strong analytical, problem-solving, and communication skills.
Relevant certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), CISSP, or equivalent are highly desirable.
Preferred Attributes:
Experience in cloud security and testing cloud environments (AWS, Azure, GCP).
Familiarity with scripting languages such as Python, PowerShell, or Bash.
Ability to work independently as well as collaboratively in a team environment.
Detail-oriented with a proactive approach to security.
nan
