VAPT-Lead

Title: VAPT-Lead
Location: Mumbai
Exp: 6+ yrs

Job Description:
Key Responsibilities
- Lead end-to-end VAPT engagements for web, mobile, cloud, and network environments.
- Perform manual and automated penetration testing using industry-standard tools and techniques.
- Identify, exploit, and document security vulnerabilities with detailed risk analysis and remediation guidance.
- Develop and maintain threat models, test plans, and attack scenarios.
- Collaborate with development, infrastructure, and SOC teams to validate fixes and improve security posture.
- Prepare comprehensive reports for technical and executive audiences.
- Ensure adherence to security standards (OWASP, NIST, ISO 27001, PCI-DSS).
- Mentor junior security testers and contribute to capability building within the team.

< Required Skills & Qualifications
- Minimum 6 years of hands-on experience in VAPT and ethical hacking.
- Proficiency in tools such as Burp Suite, Nmap, Metasploit, Nessus, Qualys, Wireshark, and Kali Linux.
- Strong understanding of OWASP Top 10, CVSS scoring, and exploit development.
- Experience in scripting (Python, Bash, PowerShell) for automation and custom exploits.
- Familiarity with cloud security testing (AWS, Azure, GCP).
- Knowledge of secure coding practices and SDLC integration.
- Excellent analytical, documentation, and communication skills.

Preferred Skills
- Certifications such as OSCP, CEH, GPEN, or CISSP.
- Experience with red teaming and threat emulation.
- Exposure to container and API security testing (Docker, Kubernetes, REST, GraphQL).
- Familiarity with SIEM tools and incident response workflows