Conduct regular vulnerability assessments on network infrastructure, web applications, and mobile applications using automated tools and manual techniques. Prioritize identified vulnerabilities based on risk severity and potential impact. Perform thorough hands-on security assessments, including simulated cyber-attacks, to uncover security weaknesses beyond automated scans. Develop and utilize custom scripts and payloads to evaluate system resilience. Document assessment findings comprehensively and provide clear, actionable recommendations for mitigation. Prepare detailed reports outlining vulnerabilities, associated risks, and proposed remediation strategies. Present technical findings and risk assessments effectively to both technical and non-technical stakeholders. Communicate security risks and remediation guidance clearly to development teams to facilitate effective resolution. Test and validate the effectiveness of implemented security fixes on applications. Serve as a security expert during application development to ensure adherence to enterprise and IT security policies and standards.

Requirements:

5+ years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). Proficient with security assessment tools including Nessus, Qualys, Burp Suite, Kali Linux, Nmap, and Metasploit. Experienced in Web Application Security Testing, Infrastructure VAPT, and API security testing. Experienced in Mobile Security Penetration Testing for both iOS and Android platforms. Solid understanding of TCP/IP protocols and network components such as WAF, IDS/IPS, Routers, Switches, and overall network architecture. Competent in basic scripting languages including Shell, Python, and PERL. Experience in the BFSI sector is advantageous but not mandatory. Strong communication and presentation abilities. Willingness to work on-site at client locations