Manager | Vulnerability Assessment & Penetration Testing (VAPT) |

Key Responsibilities:

• Leadership & Team Management:

• Lead, mentor, and manage a team of security analysts and penetration testers.
• Develop and execute the VAPT strategy aligned with business objectives.
• Conduct performance reviews, training sessions, and skill development workshops.

• Vulnerability Assessment & Penetration Testing:

• Oversee comprehensive vulnerability assessments, penetration testing, and security audits across IT systems, networks, applications, and cloud environments.
• Ensure the use of industry-standard tools and methodologies for testing (e.g., OWASP, NIST, MITRE ATT&CK).
• Collaborate with IT, development, and business teams to identify, evaluate, and remediate vulnerabilities.

• Risk Assessment & Mitigation:

• Analyze security risks and provide actionable recommendations to improve the organization's security posture.
• Prioritize vulnerabilities based on risk analysis and potential business impact.
• Support incident response activities and forensic investigations when required.

• Compliance & Reporting:

• Ensure VAPT activities comply with regulatory standards (e.g., GDPR, PCI-DSS, ISO 27001).
• Prepare detailed reports, executive summaries, and risk assessments for stakeholders.
• Maintain documentation related to VAPT processes, findings, and remediation activities.

• Continuous Improvement:

• Stay updated on the latest security threats, vulnerabilities, and industry best practices.
• Evaluate new security tools, technologies, and frameworks to enhance VAPT capabilities.

Qualifications:

• Education:

• Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Professional certifications such as OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), CISSP, or GIAC certifications are highly desirable.

• Experience:

• 5+ years of experience in cybersecurity, with at least 23 years in a managerial or leadership role.
• Hands-on experience with VAPT methodologies, tools (e.g., Metasploit, Burp Suite, Nessus, Nmap), and security frameworks.
• Strong background in network security, application security, cloud security (AWS, Azure, etc.), and risk management.

• Skills:

• Strong leadership, project management, and team coordination skills.
• Excellent analytical, problem-solving, and decision-making abilities.
• In-depth knowledge of security protocols, encryption, firewalls, IDS/IPS, and endpoint security.
• Ability to communicate complex security issues to non-technical stakeholders effectively.