Cyber Security Engineer (VAPT)

Company Overview: Mithra Consulting is dedicated to ensuring the highest standards of cybersecurity. As part of our commitment to safeguarding our digital assets, we are seeking a talented and motivated VAPT Professional to join our dynamic team. The successful candidate will play a crucial role in assessing and fortifying the security of our web applications, APIs, and network infrastructure.

Responsibilities:

Conduct VAPT Assessments:

• Perform regular vulnerability assessments and penetration tests on web applications, APIs, and both internal and external network systems.
• Identify and assess security vulnerabilities, providing detailed reports with recommended remediation steps.

Web Application Security: MUST HAVE

• Evaluate the security of web applications, identifying and addressing vulnerabilities such as SQL injection, cross-site scripting, and authentication issues.
• Collaborate with development teams to integrate security best practices throughout the software development lifecycle.

API Security: MUST HAVE

• Assess the security posture of APIs, ensuring they adhere to industry best practices and standards.
• Work closely with development teams to secure APIs, implement proper authentication, and prevent common API-related vulnerabilities.

Network Security:MUST HAVE

• Conduct internal and external network penetration tests to identify weaknesses in the infrastructure.
• Collaborate with IT and network teams to implement security measures and enhance the overall network defense.

Mobile Security:GOOD TO HAVE

• Conduct internal and external network penetration tests to identify weaknesses in the Mobile Application (Android and iOS).
• Collaborate with relevant teams to implement security measures and enhance the overall security posture of the mobile application.

Documentation and Reporting:

• Document assessment methodologies, findings, and recommended remediation steps.
• Generate comprehensive and clear reports for both technical and non-technical stakeholders.

Stay Informed:

• Keep abreast of the latest security trends, vulnerabilities, and industry best practices.
• Continuously enhance skills through training and certifications.

Qualifications:

• Relevant certification in cybersecurity like CEH etc
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 1-3 years of practical experience in conducting VAPT assessments, focusing on web applications, APIs, and network security.
• Familiarity with common security frameworks and standards (OWASP, NIST, etc.).
• Hands-on experience with VAPT tools such as Burp Suite, OWASP Zap, Nmap, and Metasploit.
• Knowledge of scripting languages (Python, Bash) for automation and tool development is a plus.
• Strong analytical and problem-solving skills.
• Excellent communication skills, with the ability to convey technical information to both technical and non-technical audiences.