- Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) on a wide range of systems, networks, and applications, spanning from SME to Enterprise level.
- Perform thorough source code reviews to identify potential security vulnerabilities and weaknesses.
- Conduct host configuration reviews to ensure systems are configured in alignment with industry best practices and security standards.
- Lead security audits and assessments to identify security gaps and recommend actionable remediation strategies.
- Provide expert security consulting, offering insights and guidance to clients on improving their overall security posture.
- Assess risks associated with identified vulnerabilities and prioritize them based on potential impact and likelihood.
- Collaborate with cross-functional teams to develop and implement risk management strategies.
- Stay current with the latest security trends, threats, and vulnerabilities to continuously enhance testing methodologies and risk assessment techniques.
- Create detailed technical reports and documentation outlining identified vulnerabilities, potential impact, risk assessment findings, and recommended remediation steps.
- Participate in client meetings to explain findings, address concerns, and provide recommendations for improving overall security and risk management practices.
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent work experience).
- Industry-recognized certifications such as OSCP, CREST Certified Tester (CCT), or equivalent.
- Extensive experience of at least 3-5 years in performing Vulnerability Assessment and Penetration Testing (VAPT) across diverse environments, from SME to Enterprise.
- Proven expertise in conducting source code reviews, host configuration reviews, security audits, consulting assessments, and risk management.
- Proficiency in using a variety of security testing tools and frameworks.
- Strong understanding of common security vulnerabilities, attack vectors, and mitigation strategies.
- Excellent written and verbal communication skills, with the ability to convey complex technical concepts to both technical and non-technical audiences.
- Ability to work independently, manage multiple projects simultaneously, and meet tight deadlines.
- Strong problem-solving skills and attention to detail.
- A commitment to staying up to date with the evolving cybersecurity landscape.