Role: Cyber Analysts - Vulnerability Management and Penetration Testing
Industry Type: IT Services & Consulting
Department: IT & Information Security
Employment Type: Full Time, Permanent
Role Category: IT Security
UG: B.C.A. in Computer Applications (General), Cybersecurity, B.Tech / B.E. in Any Specialization, B.Sc in Any Specialization
Role & responsibilities:
Lead or participate in the regular execution of internal vulnerability scans using tools like Qualys, Tenable, Rapid7, etc.
- Prioritize findings based on risk context (CVSS, EPSS, asset value, threat intel).
- Track and report remediation progress; work closely with infrastructure and application teams to ensure timely fixes.
- Ensure compliance with internal SLAs for remediation (e.g., fix critical within 15 days).
- Develop and maintain dashboards, metrics, and KPIs for executive and operational reporting.
- Maintain the asset inventory and ensure full scan coverage.
- Perform or coordinate internal and external penetration testing for networks, web applications, APIs, and cloud services.
- Validate exploitability of critical vulnerabilities; provide proof-of-concept (PoC) reports where required.
Preferred candidate profile:
2-3 years of experience in vulnerability assessment, penetration testing, or red teaming.
- VM Tools: Qualys, Nessus, Nexpose, Tenable.io
- Pentest Tools: Burp Suite, Metasploit, Nmap, Nikto, Wireshark, OWASP ZAP
- Solid understanding of network protocols, OS internals, web application security, and cloud platforms (AWS/Azure).
- Experience with OWASP Top 10, CWE, MITRE ATT&CK, and CISA KEV.
- Ability to write technical and executive-level reports.
- Scripting knowledge (e.g., Python, Bash, PowerShell) is a plus.
- Bug Bounty experience is a plus.
- Security Certifications: OSCP, eJPT, CEH, GPEN, GWAPT, CRTO, CEH
Interested candidates please share your resume on - [email protected]