Cyber Security Analyst

Overview

Job Title: VAPT (Vulnerability Assessment and Penetration Testing) Engineer

Location: Kodambakkam High Road, Nungabakkam Chennai - 600034.

Job Type: Full-time

Experience: Minimum 2 years in VA/PT audit

Job Summary:

We are seeking a skilled VAPT Engineer with a strong background in Vulnerability Assessment (VA) and Penetration Testing (PT). The ideal candidate will have at least 2 years of experience in conducting VA/PT audits, identifying security vulnerabilities, and recommending remediation measures to enhance cybersecurity.

Key Responsibilities:

1. Perform Vulnerability Assessments (VA) and Penetration Testing (PT) on web applications, networks, cloud environments, and infrastructure.

2. Conduct security audits and compliance assessments based on industry standards (ISO 27001, PCI-DSS, NIST, OWASP, etc.).

3. Identify security flaws, analyze risks, and provide actionable remediation strategies.

4. Generate detailed security reports and present findings to technical and non-technical stakeholders.

5. Collaborate with IT and DevOps teams to implement security best practices.

6. Perform threat modeling, risk assessment, and attack simulations to enhance system security.

7. Keep up to date with the latest cybersecurity trends, exploits, and vulnerabilities.

8. Assist in security tool implementation and configuration (e.g., Burp Suite, Nessus, Metasploit, Qualys, etc.).

Required Skills & Qualifications:

1. Minimum 2 years of experience in Vulnerability Assessment & Penetration Testing (VA/PT audits).

2. Strong knowledge of network security, web application security, and cloud security.

3. Proficiency in using VA/PT tools such as Nessus, Burp Suite, Metasploit, Nmap, Qualys, Wireshark, etc.

4. Familiarity with OWASP Top 10, SANS 25, MITRE ATT&CK, and CVSS scoring system.

5. Hands-on experience with Linux, Windows, cloud platforms (AWS, Azure, GCP), and databases.

6. Scripting knowledge in Python, Bash, or PowerShell is a plus.

7. Strong analytical, problem-solving, and communication skills.

8. Relevant certifications (CEH, OSCP, CISSP, GPEN, or similar) are an advantage.

Preferred Qualifications:

1. Experience in Red Team exercises, threat hunting, and incident response.

2. Knowledge of Secure SDLC, DevSecOps, and compliance frameworks (ISO 27001, PCI-DSS, GDPR, SOC 2, etc.).

3. Ability to train internal teams on cybersecurity best practices.

Job Type: Full-time

Pay: ₹240,000.00 - ₹400,000.00 per year

Benefits:

• Cell phone reimbursement
• Flexible schedule
• Health insurance
• Life insurance
• Paid sick time
• Provident Fund

Schedule:

• Day shift

Supplemental Pay:

• Performance bonus
• Yearly bonus

Work Location: In person