Art Technology and Software
Website:
artechsoft.com
Job details:
Senior VAPT Engineer ? Cybersecurity & Risk Management Position Overview We are seeking a highly skilled Senior VAPT Engineer to join our cybersecurity team. This role involves leading advanced vulnerability assessments and penetration testing engagements to identify security risks across applications, networks, cloud, and infrastructure. The ideal candidate will act as a trusted security advisor, delivering high?quality, actionable insights in a fast?paced, client?facing environment.
Key Responsibilities Client Engagement & Leadership Act as a trusted cybersecurity advisor for multiple high?value clients
Lead end?to?end VAPT engagements: scoping, execution, reporting, and remediation guidance Conduct technical and executive?level briefings on findings, risks, and recommendations Translate complex vulnerabilities into business?centric risk insights Collaborate with client stakeholders to ensure practical remediation Threat Modelling & Risk Assessment Design and maintain threat models for applications, networks, cloud, and infrastructure Perform risk assessments based on business impact and exploitability Develop attack scenarios using threat intelligence and real?world attacker techniques Advise clients on embedding security into SDLC and cloud architecture Penetration Testing & Red Teaming Lead black?box, grey?box, and white?box penetration tests (Web, API, Network, Cloud) Conduct advanced Red Team simulations
Develop custom exploits, scripts, and testing tools Execute controlled social engineering exercises (phishing, physical security) Deliver post?engagement analysis with remediation and long?term improvement plans Reporting & Documentation Produce detailed and technically sound VAPT reports
Prepare executive summaries focused on business and compliance risks Maintain assessment methodologies, playbooks, and internal documentation Contribute to internal knowledge repositories and tooling libraries Technical & Programming Expertise Expert knowledge of vulnerability discovery and exploitation techniques Hands?on with tools: Burp Suite, Nessus, Qualys, Metasploit, Nmap, OpenVAS, Nikto, Cobalt Strike, Wireshark, tcpdump Strong scripting & automation skills: Python, Bash, PowerShell Deep understanding of OWASP Top 10, SANS Top 25 , and attack surface analysis Strong experience with Cloud Security, IAM, Docker, Kubernetes Social Engineering & OSINT Design and run phishing and social engineering simulations Conduct physical security testing (tailgating, badge cloning) ???? Apply OSINT techniques for reconnaissance Provide security awareness and training recommendations Professional Attributes Analytical, creative, and attacker?mindset driven
Strong communication and presentation skills Passion for continuous research and innovation Detail?oriented with a methodical testing approach
Required Qualifications 5 years of hands?on experience in VAPT and security consulting Strong expertise in Application, Network, Cloud (AWS/Azure/GCP), and Infrastructure Security Advanced exploitation, post?exploitation, and manual testing experience Proficiency in scripting and automation Familiarity with frameworks: NIST, ISO 27001, MITRE ATT&CK Excellent documentation and stakeholder management skills
Preferred Qualifications Certifications: OSCP, GPEN, CREST CRT, CRTO, CISSP, CEH Experience in DevSecOps & CI/CD security Knowledge of compliance standards: PCI?DSS, GDPR, HIPAA, SOC2, ISO 27001 Prior consulting or customer?facing experience Exposure to threat intelligence platforms & IoCs
Click on Apply to know more.