Deputy Manager - VAPT (Vulnerability Assessment & Penetration Testing)

Job Title :

Deputy Manager – VAPT (Vulnerability Assessment & Penetration Testing)

Location : Bangalore

Experience : 5+ Years

Department :

Information Security / Cyber Risk

Joining :

Early joiners preferred

About the Role :

We are looking for a skilled

Deputy Manager – VAPT

to lead and execute vulnerability assessments and penetration testing engagements across applications, networks, and infrastructure. The ideal candidate will have a strong understanding of security testing methodologies, exploit development, and risk reporting, along with the ability to communicate technical findings to non-technical stakeholders.

Key Responsibilities :

Conduct

Vulnerability Assessments and Penetration Tests

on web, mobile, network, and infrastructure components.

Identify, exploit, and document vulnerabilities, along with providing actionable remediation recommendations.

Perform

threat modeling

and

risk analysis

to assess the impact of identified vulnerabilities.

Collaborate with IT, application, and infrastructure teams to validate and track remediation efforts.

Ensure testing and reporting are aligned with industry frameworks and compliance standards (OWASP, OSSTMM, NIST, ISO 27001, etc.).

Manage

security assessment projects end-to-end

, ensuring timely delivery and high-quality outputs.

Support

red team exercises

secure code reviews

, and

configuration reviews

as required.

Prepare and present

detailed technical and executive reports

for stakeholders and management.

Stay updated with emerging vulnerabilities, attack vectors, and security tools.

Required Skills & Experience :

5+ years of experience in

Vulnerability Assessment and Penetration Testing

Hands-on experience with tools such as

Burp Suite, Metasploit, Nmap, Nessus, Qualys, OWASP ZAP, Kali Linux

, etc.

Proficiency in manual testing techniques, exploit scripting, and report writing.

Strong understanding of

network protocols, web technologies, and application security

concepts.

Experience in testing

cloud environments (AWS, Azure, GCP)

will be a plus.

Ability to communicate complex security issues to non-technical stakeholders.

Preferred Certifications :

OSCP / CEH / GPEN / GWAPT / eCPPT

or equivalent certifications.

ISO 27001 or similar InfoSec certifications will be an added advantage.

Key Attributes :

Strong analytical and problem-solving abilities.

Excellent communication and documentation skills.

Ability to manage multiple assessments simultaneously.

Early joiners will be given preference.