Deputy Manager – VAPT (Vulnerability Assessment & Penetration Testing)

Job Title: Deputy Manager – VAPT (Vulnerability Assessment & Penetration Testing)Location: Mumbai / BangaloreExperience: 5+ YearsDepartment: Information Security / Cyber RiskJoining: Early joiners preferredAbout the Role:We are looking for a skilled Deputy Manager – VAPT to lead and execute vulnerability assessments and penetration testing engagements across applications, networks, and infrastructure. The ideal candidate will have a strong understanding of security testing methodologies, exploit development, and risk reporting, along with the ability to communicate technical findings to non-technical stakeholders.Key Responsibilities:- Conduct Vulnerability Assessments and Penetration Tests on web, mobile, network, and infrastructure components. - Identify, exploit, and document vulnerabilities, along with providing actionable remediation recommendations. - Perform threat modeling and risk analysis to assess the impact of identified vulnerabilities. - Collaborate with IT, application, and infrastructure teams to validate and track remediation efforts. - Ensure testing and reporting are aligned with industry frameworks and compliance standards (OWASP, OSSTMM, NIST, ISO 27001, etc.). - Manage security assessment projects end-to-end, ensuring timely delivery and high-quality outputs. - Support red team exercises, secure code reviews, and configuration reviews as required. - Prepare and present detailed technical and executive reports for stakeholders and management. - Stay updated with emerging vulnerabilities, attack vectors, and security tools.Required Skills & Experience:- 5+ years of experience in Vulnerability Assessment and Penetration Testing. - Hands-on experience with tools such as Burp Suite, Metasploit, Nmap, Nessus, Qualys, OWASP ZAP, Kali Linux, etc. - Proficiency in manual testing techniques, exploit scripting, and report writing. - Strong understanding of network protocols, web technologies, and application security concepts. - Experience in testing cloud environments (AWS, Azure, GCP) will be a plus. - Ability to communicate complex security issues to non-technical stakeholders.Preferred Certifications:- OSCP / CEH / GPEN / GWAPT / eCPPT or equivalent certifications. - ISO 27001 or similar InfoSec certifications will be an added advantage.Key Attributes:- Strong analytical and problem-solving abilities. - Excellent communication and documentation skills. - Ability to manage multiple assessments simultaneously. - Early joiners will be given preference.

Apply Now