- Perform Vulnerability Assessment & Penetration Testing (VAPT) for web, mobile, network, and infrastructure environments.
- Lead end-to-end VAPT engagements including scoping, execution, reporting, and remediation validation.
- Work on CERT-In empanelment projects and ensure compliance with CERT-In guidelines.
- Conduct manual and automated penetration testing.
- Identify and exploit vulnerabilities such as those covered by the OWASP Top 10 and SANS Top 25.
- Prepare detailed VAPT reports, risk ratings, and mitigation recommendations.
- Perform secure configuration reviews and compliance checks.
- Support clients during audit and certification processes.
- Coordinate with development and IT teams for remediation and re-testing.
- Stay updated with the latest security threats, tools, and techniques.
Required Skills:
- Strong experience in Web, API, Network, and Mobile VAPT.
- Hands-on experience with tools like Burp Suite, Nessus, Nmap, Metasploit, Acunetix, and Nikto.
- Good knowledge of OWASP Top 10, CVSS, and threat modeling.
- Experience in manual exploitation techniques.
- Understanding of network protocols, firewalls, WAF, IDS/IPS.
- Experience in report writing and risk analysis.