Senior Consultant - VAPT (Vulnerability Assessment & Penetration Testing)

Apt Resources is hiring for our client, a leading cybersecurity services firm, seeking an experienced Senior Consultant – VAPT to join their expert team. The ideal candidate will have deep expertise in infrastructure and application security assessments, penetration testing, and a solid understanding of modern security threats and countermeasures.

Key Responsibilities:

Infrastructure VA/PT:

• Conduct black-box and grey-box vulnerability assessments and penetration tests on system/network/cloud environments.
• Map network infrastructure, discover ports/services, and audit OS, network, and security configurations.
• Use tools like NMap, Nessus, Metasploit, Kali Linux for exploiting vulnerabilities.
• Stay current with CVEs and threat intelligence relevant to supported technologies.
• Prepare and present detailed findings and mitigation plans to clients.
• Deliver cloud infrastructure security assessments and configuration audits.
• Create and deliver comprehensive, client-specific technical reports.

Application VA/PT:

• Perform vulnerability assessments of Web, Mobile, and Thick-client applications based on OWASP standards.
• Combine automated scanning with manual testing techniques to detect flaws.

Social Engineering:

• Conduct phishing and spear-phishing simulations to assess end-user security awareness.

Qualifications:

• Bachelor's degree in Computer Science, IT, or a related field.
• 8–10 years of hands-on experience in VAPT.
• CEH certification is required.
• OSCP or CREST certifications are a plus.
• Experience working in an MSSP (Managed Security Services Provider) environment is preferred.
• Strong understanding of Windows, Unix/Linux systems, firewalls, VPNs, and security infrastructure.

Technical Skills:

• Expertise in tools like NMap, Metasploit, Kali Linux, Nessus, NetCat, HPing, Qualys, and RetinaCS.
• Strong understanding of CVE databases, exploit development, and countermeasures.
• Familiarity with scripting languages such as C++, C#, Perl, HTML, Shell, etc.
• Knowledge of firewalls, IPS, DNS security, VLAN, web filtering, and VPNs.
• Experience with cloud security assessment across major platforms (AWS, Azure, GCP).

Additional Requirements:

• Strong communication, presentation, and documentation skills.
• Ability to work independently and lead security assessments across client environments.
• Willingness to travel overseas for project deployments.
• Exposure to RFP response preparation, solution architecture, and client-facing presentations.

Salary: Up to INR 18 LPA