3 Vapt Engineer Jobs

Job Title: Vulnerability Assessment and Penetration Testing (VAPT) Specialist
Job Type: Full-time

Location : Chennai only

Key Responsibilities:

• Vulnerability Assessment:
• Perform vulnerability scans and assessments using industry-standard tools and frameworks.
• Analyze scan results to identify potential security risks, including configuration flaws, software vulnerabilities, and other potential weaknesses.
• Prioritize vulnerabilities based on risk analysis and collaborate with other teams to remediate issues.
• Penetration Testing:
• Conduct penetration tests (ethical hacking) on web applications, networks, and infrastructure to simulate real-world attacks and identify potential vulnerabilities.
• Perform manual and automated testing techniques to assess the effectiveness of existing security measures.
• Provide detailed technical analysis and reports on findings, including proof of concept for vulnerabilities and suggested mitigation strategies.
• Collaborate with the development and IT teams to assist in identifying weaknesses and remediating them.
• Security Assessments:
• Assist in conducting risk assessments and threat modeling to identify high-priority areas that require penetration testing.
• Evaluate security controls and recommend improvements to enhance overall system security.
• Keep track of the latest security vulnerabilities, exploit techniques, and penetration testing methodologies.
• Reporting & Documentation:
• Document findings and deliver comprehensive vulnerability assessment and penetration testing reports to both technical and non-technical stakeholders.
• Provide remediation guidance and work with relevant teams to develop strategies for patching vulnerabilities and improving security measures.
• Maintain an up-to-date record of identified vulnerabilities and mitigation efforts.

Required Skills & Qualifications:

• Bachelors degree in information security, Computer Science, or related field (or equivalent work experience).
• Proven experience in vulnerability assessments, penetration testing, or ethical hacking.
• Strong knowledge of penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus, Wireshark, etc.).
• Understanding of common web application vulnerabilities (e.g., SQL injection, cross-site scripting, etc.) and how to exploit and mitigate them.
• Experience with network security protocols and services (e.g., TCP/IP, DNS, HTTP, VPN, firewall configurations).
• Proficiency in scripting and automation using languages such as Python, Bash, or PowerShell to assist in penetration testing.
• Strong understanding of security frameworks (e.g., OWASP, NIST, ISO 27001).
• Familiarity with compliance requirements such as GDPR, PCI-DSS, and HIPAA.

Preferred Qualifications:

• Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), or GIAC Penetration Tester (GPEN).
• Hands-on experience with web application, mobile application, API and network-based penetration testing.
• Familiarity with cloud platforms (e.g., AWS, Azure) and their security features.
• Experience with source code review or application security assessments.

Please share the resumes to "priyanga.govindharaj@aspiresys.com"