VAPT LEAD

VAPT Lead (716 Years) with Red Teaming Expertise

Senior offensive security professional responsible for leading end-to-end VAPT programs and executing advanced red-team exercises to assess organizational resilience. Drives offensive security strategy, improves detection capabilities, and mentors a team of security testers.

Core Responsibilities:

• Lead VAPT across web, mobile, cloud, networks, containers, and APIs
• Execute red-team / adversary emulation using MITRE ATT&CK
• Develop exploit PoCs, privilege escalation paths, lateral movement
• Work with SOC/IR teams to validate and improve detections
• Conduct purple-team exercises and attack simulations
• Review architecture, threat models, and secure design gaps
• Deliver detailed risk reports and remediation plans
• Manage third-party testing vendors and ensure compliance (ISO 27001, PCI-DSS, DPDP)

Skills Needed:

• Strong expertise in offensive security tools: BurpSuite Pro, Metasploit, Cobalt Strike/Brute Ratel, Nmap, Nessus, BloodHound, Azure AD attack tools, etc.
• Deep knowledge of AD/Cloud attacks (Azure/AWS/GCP), API security, containers, and CI/CD pipeline testing.
• Ability to script (Python, PowerShell, Bash) for automation.

Preferred Certifications:

OSCP, OSWE/OSCE3, CRTP/CRTE, eWPTX, eCPPT, CEH Master.