Assistant Manager - VAPT

About the job Job Description: VAPT Manager Location: Mumbai, India Experience Required: 3 years Work Mode: Onsite (Mumbai) Position Summary : - We are looking for an experienced Vulnerability Assessment and Penetration Testing (VAPT) Manager with 3 years of hands-on experience in security testing. - The ideal candidate should have a strong background in identifying, analyzing, and mitigating security vulnerabilities across networks, applications, and cloud environments. - This role requires expertise in security assessments, team leadership, and client management. Key Responsibilities : - Lead and manage end-to-end VAPT engagements for applications, networks, cloud, and infrastructure security. - Identify, exploit, and document security vulnerabilities with actionable remediation plans. - Develop and execute penetration testing methodologies, frameworks, and strategies tailored to client requirements. - Ensure compliance with industry security standards such as ISO 27001, NIST, PCI-DSS, GDPR, and OWASP best practices. - Collaborate with internal and external stakeholders to communicate security risks, solutions, and recommendations. - Conduct red teaming and threat simulation exercises to assess and improve an organization's security posture. - Manage security tools and frameworks, including Burp Suite, Metasploit, Nmap, Nessus, Qualys, Wireshark, and Kali Linux. - Work closely with development and IT teams to ensure secure coding practices and effective vulnerability remediation. - Stay updated with the latest cybersecurity threats, vulnerabilities, and exploits to enhance security testing methodologies. - Prepare detailed technical reports and executive summaries for management and regulatory compliance. - Mentor and train junior security professionals within the team. Qualifications & Skills : Mandatory : - OSCP Certification (CEH, CISSP, OSCE, or GPEN is a plus). - 3 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). - In-depth understanding of network security, application security, cloud security (AWS, Azure, GCP), and IoT security. - Strong expertise in manual and automated penetration testing techniques. - Proficiency in security tools such as Burp Suite, Metasploit, Nmap, Qualys, Nexpose, Tenable, AppScan, and Wireshark. - Experience in scripting for security automation (Python, Bash, PowerShell, or Ruby). - Strong understanding of MITRE ATT&CK framework, threat modeling, and red teaming concepts. - Experience in secure coding practices and ability to review application code for security vulnerabilities. - Knowledge of Indian regulatory and compliance frameworks related to cybersecurity. - Excellent problem-solving, analytical, and communication skills for client engagement (ref:hirist.tech)

Location: mumbai, IN

Posted Date: 5/7/2025