Cyber Operations Specialist

We are looking for a Cyber Operations Specialist – VAPT & Network to join our cybersecurity team.

The ideal candidate is not someone who only runs automated scanners, but someone who understands the “why” behind every vulnerability. This role requires strong technical fundamentals, manual verification skills, and the ability to identify, exploit, assess, and support remediation of security weaknesses across complex network environments.

The successful candidate will perform vulnerability assessments, penetration testing, network security reviews, manual exploitation, and technical reporting with clear root-cause analysis and practical remediation recommendations.

Key Responsibilities

• Perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) following structured methodologies such as OWASP and PTES.
• Conduct comprehensive network assessments, including protocol analysis, firewall audits, and architecture reviews.
• Manually verify vulnerabilities to eliminate false positives and demonstrate real-world risk.
• Chain multiple low-severity findings to identify high-impact attack paths.
• Analyze network environments, security controls, and technical configurations.
• Prepare clear and actionable technical reports, including root-cause analysis and remediation steps.
• Collaborate with technical teams to explain findings and support remediation activities.
• Stay updated on offensive security techniques, vulnerabilities, tools, and best practices.

• 3+ years of experience in offensive security, penetration testing, VAPT, or advanced network engineering.

• Strong understanding of the OSI model, TCP/IP stack, and core network protocols.

• Solid knowledge of protocols such as DNS, SMB, Kerberos, LDAP, HTTP/HTTPS, and related network services.

• Proven experience in reconnaissance, exploitation, post-exploitation, and vulnerability validation.

• Strong ability to conduct assessments with limited reliance on automated tools.

• Hands-on experience with tools such as Burp Suite, Nmap, Metasploit, Wireshark, and similar security tools.

• Strong analytical thinking, problem-solving, and technical documentation skills.

• Ability to explain technical risks clearly to both technical and non-technical stakeholders.