Manager | Vulnerability Assessment & Penetration Testing (VAPT) | Delhi | Cyber Defense & Resilience
Deloitte
5 - 10 years
Delhi
Posted: 01/04/2025
Job Description
Key Responsibilities
- Conduct and oversee Vulnerability Assessment and Penetration Testing (VAPT) for networks, web applications, APIs, cloud environments, and mobile applications.
- Perform in-depth Application Security assessments, including secure code reviews and static & dynamic analysis.
- Assess and enhance API Security by identifying vulnerabilities and recommending security best practices.
- Conduct Configuration Reviews for infrastructure, cloud environments, and enterprise applications to identify misconfigurations.
- Plan and execute Red Team Assessments, simulating real-world attack scenarios to evaluate and strengthen security defenses.
- Develop and execute Social Engineering techniques such as phishing simulations and physical security tests.
- Work closely with stakeholders to remediate identified vulnerabilities and improve the organization's security posture.
- Stay up to date with emerging security threats, attack techniques, and industry trends to improve the attack surface management program.
- Provide mentorship and guidance to junior security professionals in the team.
- Develop reports and present security findings to senior management and key stakeholders.

Required Qualifications & Skills:
- Experience: 7+ years of experience in cybersecurity, with a strong focus on attack surface management, penetration testing, and red teaming.
- Technical Expertise: Hands-on experience in network & web application penetration testing, API security, application security assessments, and exploit development.
- Red Team Skills: Strong knowledge of adversary simulation, lateral movement techniques, social engineering, and physical security assessments.
- Tools & Techniques: Proficiency in security tools like Burp Suite, Metasploit, Nmap, Nessus, BloodHound, Cobalt Strike, Empire, etc.
- Cloud Security: Experience in securing cloud environments (AWS, Azure, GCP) and assessing cloud attack vectors.
- Certifications (Preferred): OSCP, OSWE, CISSP, CISM, GWAPT, CRTP, CRT, or other relevant security certifications.
- Strong Communication Skills: Ability to convey complex security findings to both technical and non-technical stakeholders.
- Leadership & Collaboration: Experience leading security teams and working cross-functionally with IT, DevOps, and Risk teams.
About Company
Deloitte is a global professional services firm that provides a wide range of services, including audit and assurance, consulting, tax, risk management, and financial advisory. With a presence in over 150 countries and a network of member firms, Deloitte serves clients across various industries, helping them solve complex business challenges, improve operations, and innovate. Known for its expertise in management consulting, technology solutions, and strategy, Deloitte is one of the Big Four accounting firms and is recognized for its commitment to quality, integrity, and making an impact in the marketplace.