Head of VAPT / Red Teaming

About Us

Mitigata is India's first Security + Compliance + Insurance company, helping businesses mitigate cyber risks through a combination of risk assessments, compliance consulting, cyber insurance, and security solutions . We work with businesses to strengthen their security posture, ensure regulatory compliance, and provide tailored cyber insurance policies to minimize financial exposure from cyber threats. We are backed by a consortium of premier investors, including Nexus Venture Partners, Titan Capital, and WEH Ventures, alongside a global network of industry leaders.

Become a part of the first line of defence of digital India

Job Title: VAPT / Red Teaming Manager

Experience: 10+ Years

Location: Bengaluru

Employment Type: Full-time

About the Role

We are seeking an experienced VAPT / Red Teaming Manager to lead and mature our offensive security function. The ideal candidate will have deep expertise in conducting complex penetration testing assessments, leading red team engagements, and building offensive security capabilities. This role requires strong technical leadership, stakeholder management, and the ability to develop a high-erforming security testing team.

Key Responsibilities

Lead and manage end-to-end Vulnerability Assessment, Penetration Testing (VAPT) and Red Team operations for web, network, cloud, mobile, APIs, and infrastructure environments.

Develop and execute advanced red teaming strategies, aligning with MITRE ATT&CK / Cyber Kill Chain frameworks.

Oversee scoping, planning, execution, and reporting of engagements, ensuring quality and compliance with industry standards (ISO 27001, NIST, PCI-DSS etc.).

Identify security weaknesses, exploit vulnerabilities, simulate threat actor behavior, and provide actionable remediation guidance.

Mentor, train, and lead a team of offensive security engineers, fostering continuous technical growth and operational excellence.

Collaborate closely with Blue Team, SOC, Incident Response, and IT Security teams to support Purple Teaming and continuous improvement.

Drive the development of automated security testing frameworks, tooling, and custom exploit development when required.

Conduct stakeholder communication, prepare high-quality executive and technical reports, and present findings to management and customers.

Stay updated with the latest cyber threats, exploits, TTPs, and offensive security methodologies.

Required Skills & Qualifications

10+ years of hands-on experience in VAPT, offensive security, exploit development, or red teaming roles.

Strong understanding of networking, operating systems, cloud environments, Active Directory security, and IoT/OT environments (optional).

Proven experience leading Red Team exercises and adversary simulations.

Practical knowledge of tools such as Nmap, Burp Suite, Metasploit, Cobalt Strike, BloodHound, Nessus, Qualys, Wireshark, etc.

Strong scripting and automation experience in Python / Bash / PowerShell.

Ability to clearly articulate findings and recommendations to both technical and non-technical stakeholders.

Experience managing teams, engagements, clients, and reporting processes.

Preferred Certifications (Any of the below):

OSCP / OSCE / OSEP / OSEE

CREST CRT / CCT

CEH (Practical) / CPENT / LPT Master

CISSP / CRTO / Red Team specific certifications

Soft Skills

Strong leadership and team management abilities

Problem-solving mindset with the ability to think like a threat actor

Excellent communication, documentation, and presentation skills

High sense of ownership and accountability

Why Join Us

Opportunity to lead strategic offensive security initiatives

Work with a technically strong and collaborative cybersecurity team

Exposure to diverse technologies and complex security challenges

Great environment for continuous learning and career advancement

What We Offer

• Competitive salary + performance-based incentives.
• Opportunity to work with cutting-edge cybersecurity solutions.
• Exposure to large enterprise clients and global projects.
• Professional growth in a fast-scaling cybersecurity company.
• Collaborative, innovative, and inclusive work culture.

Why Join Mitigata?

If Indias growth is under threat, were standing in the way.

Every cyberattack, every data breach, every fraudulent claimisnt just a digital incident. Its a financial bullet aimed at India.

At Mitigata, weve built a first-of-its-kind organisation that combines cybersecurity with liability insurancebecause defence without coverage is incomplete.

From ransomware taking down hospitals, to directors being sued overnight, to startups losing funding after a breachwe protect what matters:

Their servers. Their balance sheets. Their reputation.

Were building Indias cyber shieldone firewall, one policy, one partnership at a time.

Our work is national defence in the digital age We protect government, businesses & individuals from collapsing under the weight of cybercrime and legal liability.

Youll be designing and defending the infrastructure that keeps Indias growth story alive.

Competitive compensation, ESOPs, and the opportunity to secure a billion-dollar future.

Join us if you're done building for vanity.

Build for protection. Build for survival. Build for Bharat