Experience Range: 35 Years (minimum 2 years in a leadership role)
About WATI
WATI is a fast-growing technology-driven organization focused on building secure, scalable, and high-performance digital solutions. Information security is a core pillar at WATI, and we are strengthening our cyber security function to ensure proactive risk management and strong protection of our platforms, products, and customer data.
Position Summary
WATI is seeking an experienced and highly motivated VAPT Team Lead to establish, lead, and scale our Vulnerability Assessment and Penetration Testing function. This role will be responsible for driving end-to-end security testing initiatives, managing a team of security professionals, and working closely with engineering, cloud, and compliance teams to enhance WATI's overall security posture.
Key Responsibilities
1. VAPT Operations & Delivery
- Lead and manage all VAPT engagements across web applications, mobile apps, APIs, networks, cloud infrastructure, and internal systems.
- Design and execute black-box, grey-box, and white-box penetration testing strategies.
- Identify, validate, and prioritize vulnerabilities based on business risk and impact.
- Oversee advanced exploitation, root-cause analysis, and retesting activities.
- Ensure timely delivery of high-quality technical and executive-level security reports.
2. Leadership & Team Management
- Build, mentor, and manage a high-performing VAPT team.
- Assign tasks, review assessments, and ensure accuracy and consistency of findings.
- Conduct regular training sessions, technical reviews, and skill development programs.
- Support recruitment, onboarding, performance management, and career development.
3. Governance, Process & Compliance
- Define and continuously improve VAPT frameworks, SOPs, and testing methodologies.
- Ensure alignment with standards such as OWASP, NIST, ISO 27001, PCI-DSS, SOC 2.
- Support internal and external audits, customer security assessments, and compliance reviews.
- Develop metrics, dashboards, and reports to track vulnerability management effectiveness.
Required Skills & Experience
Technical Expertise
- Strong hands-on experience in tools such as Burp Suite, Nessus, Qualys, Nmap, Metasploit, Acunetix, OWASP ZAP, Wireshark.
- Excellent understanding of market standard tools OWASP Top 10, SANS Top 25, MITRE ATT&CK
- Experience in testing SaaS platforms, cloud environments (AWS/Azure/GCP), APIs, and microservices.
- Knowledge of secure architecture, networking, operating systems, and databases.
- Scripting knowledge in Python, Bash, or PowerShell is a plus.
Soft Skills
- Proven leadership and mentoring capability.
- Strong communication and presentation skills.
- High ownership mindset with the ability to manage multiple priorities.
- Excellent documentation and stakeholder coordination skills.
Education & Certifications
- Bachelor's degree in Computer Science, IT, Cyber Security, or related discipline.
- Preferred certifications: OSCP, OSWE, CEH, GPEN, GWAPT, CISSP, CISM.
Note : Interested Candidates please share your resume to [Confidential Information]
