VAPT Lead (7–16 Years) with Red Teaming Expertise
Senior offensive security professional responsible for leading end-to-end VAPT programs and executing advanced red-team exercises to assess organizational resilience. Drives offensive security strategy, improves detection capabilities, and mentors a team of security testers.
Core Responsibilities:
- Lead VAPT across web, mobile, cloud, networks, containers, and APIs
- Execute red-team / adversary emulation using MITRE ATT&CK
- Develop exploit PoCs, privilege escalation paths, lateral movement
- Work with SOC/IR teams to validate and improve detections
- Conduct purple-team exercises and attack simulations
- Review architecture, threat models, and secure design gaps
- Deliver detailed risk reports and remediation plans
- Manage third-party testing vendors and ensure compliance (ISO 27001, PCI-DSS, DPDP)
Skills Needed:
- Strong expertise in offensive security tools: BurpSuite Pro, Metasploit, Cobalt Strike/Brute Ratel, Nmap, Nessus, BloodHound, Azure AD attack tools, etc.
- Deep knowledge of AD/Cloud attacks (Azure/AWS/GCP), API security, containers, and CI/CD pipeline testing.
- Ability to script (Python, PowerShell, Bash) for automation.
Preferred Certifications:
OSCP, OSWE/OSCE3, CRTP/CRTE, eWPTX, eCPPT, CEH Master.
