Security Vulnerability Assessment Lead

Location : Ghatkopar, Mumbai (Onsite)

Department : Information Security / Offensive Security

Experience : 2–8 Years

Certifications Preferred : OSCP, CEH, eCPPT, eJPT, GWAPT, or equivalent

About the Role

We are seeking a highly skilled Cybersecurity Analyst (Vulnerability Assessment & Penetration Testing) specializing in both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) . The ideal candidate will have hands-on experience performing end-to-end security testing across web applications, mobile apps (Android / iOS), APIs, networks, Active Directory environments, and source code.

This role requires a strong understanding of offensive security, exploit development, red teaming methodologies, and secure coding practices to identify, exploit, and document vulnerabilities with actionable recommendations.

Key Responsibilities

• Conduct Vulnerability Assessments and Penetration Tests (VAPT) across :
• Web applications, APIs, and backend services
• Android and iOS mobile applications
• Corporate and cloud networks
• Active Directory and internal infrastructure
• Perform SAST & DAST on custom applications using manual and automated tools.
• Analyze source code (Java, Python, PHP, .NET, etc.) to identify logic flaws and insecure coding practices.
• Execute Red Team exercises , simulate attack chains, and evaluate defense mechanisms.
• Generate detailed technical reports with PoC evidence, exploit steps, risk severity, and remediation guidance.
• Collaborate with development and DevSecOps teams to verify fixes and retests.
• Maintain up-to-date knowledge of the latest vulnerabilities, exploits, and security tools.
• Support compliance assessments and cybersecurity trends.

Required Skills and Expertise

Certifications (Preferred but not Mandatory)

Educational Qualification

Why Join Us