VAPT (Banking & Financial Services) - Deputy Manager

Job Title: Deputy Manager VAPT (Banking & Financial Services)

Location: Navi Mumbai

Experience Required: 5+ Years

Industry: Cyber Security Consulting

Domain Focus: Banking & Financial Services (BFSI)

Work Mode: Work from Office (Navi Mumbai)

Joining: Immediate / Early Joiners Preferred

Role Overview:

We are seeking an experienced Deputy Manager VAPT with strong hands-on technical expertise and governance exposure to lead VAPT engagements for Banking and Financial Services clients in a consulting environment.

Key Responsibilities:

1. VAPT Execution & Leadership

• Lead end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, API, network, and cloud environments.
• Perform assessments aligned with OWASP Top 10, SANS 25, MITRE ATT&CK, and industry best practices.
• Identify, validate, and document vulnerabilities with clear risk categorization and remediation guidance.
• Conduct re-validation testing and support remediation tracking.

2. BFSI Regulatory & Compliance Alignment

• Execute VAPT assignments aligned with RBI, SEBI, IRDAI regulatory expectations.
• Support compliance requirements under ISO 27001, NIST, PCI-DSS, and related frameworks.
• Assist clients in audit readiness and security compliance validation.

3. Governance & Risk Advisory

• Map VAPT findings to enterprise risk frameworks and control requirements.
• Contribute to risk assessments, policy reviews, and governance documentation.
• Support clients in strengthening their information security governance posture.

4. Client & Team Management

• Act as engagement SPOC for VAPT projects.
• Present executive summaries and risk insights to senior stakeholders.
• Mentor junior consultants and review deliverables for quality assurance.

Required Skills & Experience:

• 5+ years of hands-on experience in VAPT.
• Strong exposure to Banking and Financial Services (BFSI) clients.
• Experience in consulting environment preferred.
• Proficiency with tools such as Burp Suite, Nessus, Nmap, Metasploit, SQLMap, etc.
• Strong understanding of governance, compliance, and regulatory requirements in BFSI.
• Strong reporting, stakeholder management, and communication skills.

Certification Requirement (Important):

• CISA certification is preferred.
• Candidates who are not currently CISA certified should be willing to pursue CISA certification.
• The company will sponsor the CISA certification; however, candidates must commit to completing it within the agreed timeframe after joining.

Preferred Certifications:

• OSCP / CEH / CRTO / CISSP / CISA (preferred or willingness to pursue mandatory)