CrawlJobs Logo
AMBC Logo AMBC · IT - Software Development

VAPT Manager

India, Coimbatore · Job Posted January 03, 2026
Apply Position
Job Link Share

Job Description

Core Responsibilities: Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web applications, mobile apps, networks, Active Directory, APIs, and enterprise systems. Perform manual and automated penetration testing with strong hands-on depth in web, network, and AD security testing. Execute Red Teaming / adversary simulation activities, including privilege escalation and lateral movement. Perform cloud security assessments across AWS, Azure, and GCP environments. Review and assess security configurations of network devices, servers, databases, and cloud services. Evaluate CI/CD pipelines and DevSecOps practices to identify security gaps in build and deployment processes. Analyze findings, assign risk ratings, and prepare clear VAPT reports with impact analysis and actionable remediation guidance. Collaborate with development, DevOps, IT, and client stakeholders to prioritize and support vulnerability remediation. Continuously track emerging threats and attack techniques and enhance testing methodologies accordingly. Certifications (At Least One Mandatory): CRTO – Certified Red Team Operator; OSCP – Offensive Security Certified Professional; CRTP – Certified Red Team Professional; GPEN – GIAC Penetration Tester; CEH – Certified Ethical Hacker; CompTIA PenTest+; CISSP / CISM (Good to have for senior / leadership roles). Key Information: Industry: IT Consulting; Work Experience: 8 to 12 years; City: Coimbatore; State/Province: Tamilnadu; Country: India; Zip/Postal Code: 641001.

Job Responsibility

  • Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web applications, mobile apps, networks, Active Directory, APIs, and enterprise systems
  • Perform manual and automated penetration testing with strong hands-on depth in web, network, and AD security testing
  • Execute Red Teaming / adversary simulation activities, including privilege escalation and lateral movement
  • Perform cloud security assessments across AWS, Azure, and GCP environments
  • Review and assess security configurations of network devices, servers, databases, and cloud services
  • Evaluate CI/CD pipelines and DevSecOps practices to identify security gaps in build and deployment processes
  • Analyze findings, assign risk ratings, and prepare clear VAPT reports with impact analysis and actionable remediation guidance
  • Collaborate with development, DevOps, IT, and client stakeholders to prioritize and support vulnerability remediation
  • Continuously track emerging threats and attack techniques and enhance testing methodologies accordingly

Requirements

  • Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web applications, mobile apps, networks, Active Directory, APIs, and enterprise systems
  • Perform manual and automated penetration testing with strong hands-on depth in web, network, and AD security testing
  • Execute Red Teaming / adversary simulation activities, including privilege escalation and lateral movement
  • Perform cloud security assessments across AWS, Azure, and GCP environments
  • Review and assess security configurations of network devices, servers, databases, and cloud services
  • Evaluate CI/CD pipelines and DevSecOps practices to identify security gaps in build and deployment processes
  • Analyze findings, assign risk ratings, and prepare clear VAPT reports with impact analysis and actionable remediation guidance
  • Collaborate with development, DevOps, IT, and client stakeholders to prioritize and support vulnerability remediation
  • Continuously track emerging threats and attack techniques and enhance testing methodologies accordingly
  • Certifications (At Least One Mandatory): CRTO – Certified Red Team Operator
  • OSCP – Offensive Security Certified Professional
  • CRTP – Certified Red Team Professional
  • GPEN – GIAC Penetration Tester
  • CEH – Certified Ethical Hacker
  • CompTIA PenTest+
  • CISSP / CISM (Good to have for senior / leadership roles)
  • Work Experience: 8 to 12 years

Nice to have

CISSP / CISM (Good to have for senior / leadership roles)

AMBC - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

VAPT Manager

8 matching positions

Sales Account Manager

Manage and grow a portfolio of key accounts, serving as the primary point of con...
Location
Location
Saudi Arabia , Riyadh
Salary
Salary:
Not provided
gizasystems.com Logo
Giza Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong communication, interpersonal, and negotiation skills
  • Excellent organizational and time management abilities
  • Strong relationship-building and teamwork skills
  • Good analytical and problem-solving capabilities
  • Strategic thinking and decision-making skills
  • Customer-focused mindset with a strong service orientation
  • Self-motivated and able to perform effectively under pressure
  • Proficient in Microsoft Office applications with strong administrative skills
  • Fluent in English, both written and spoken
  • Strong stakeholder management, communication, and influencing skills
Job Responsibility
Job Responsibility
  • Manage and grow a portfolio of key accounts, serving as the primary point of contact for assigned clients
  • Develop and maintain strong, long-term relationships with clients to ensure high levels of engagement, trust, and customer retention
  • Gain a deep understanding of clients’ business objectives, operational challenges, and industry trends to proactively identify opportunities for value creation
  • Conduct regular business reviews and client meetings to assess needs, address concerns, and strengthen partnerships
  • Identify, develop, and capitalize on new business opportunities within existing and prospective accounts
  • Collaborate with clients to understand evolving business requirements and propose tailored solutions that align with their strategic goals
  • Drive the achievement of sales, profitability, and cash flow targets through effective account planning and opportunity management
  • Analyze market trends, customer insights, and competitor activities to support business growth initiatives and market expansion
  • Develop and execute strategic account plans to achieve or exceed sales objectives and business targets
  • Monitor, forecast, and report on key account metrics, sales pipelines, and revenue performance
  • Fulltime
Read More
Arrow Right

Application Security Engineer

Security Risk Assessment Security Policies, Standards, Guidelines, And Procedure...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 3 years of experience in application security or software development with security focus
  • Strong experience in DevSecOps with a solid foundation in cybersecurity and risk assessment
  • Hands-on knowledge of secure software development lifecycle (SSDLC) principles and tools
  • Familiarity with integrating security testing tools and practices within CI/CD environments
  • Experience with secure coding and vulnerability assessments across common web and mobile technologies
  • Ability to work with and guide development teams without being directly involved in implementation
  • Excellent communication skills and the ability to translate complex security requirements into practical advice
Job Responsibility
Job Responsibility
  • Perform comprehensive risk assessments of development environments, DevOps workflows, and CI/CD processes
  • Perform security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
  • Review and recommend improvements in areas such as identity and access management, network security, secure SDLC practices, source code management, cryptographic key handling, and data protection
  • Guide application teams on adopting secure development practices and integrating security tools such as SAST, DAST, and VAPT into their workflows
  • Review existing CI/CD pipelines from a security perspective and provide expert recommendations to align with DevSecOps principles
  • Mentor and advise internal teams on secure coding practices across various platforms and languages (e.g., JavaScript, Node.js, Java, C#, Python, etc.)
  • Develop and maintain secure coding guidelines and security standards
  • Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
What we offer
What we offer
  • Hybrid working mode
  • 18 days of Annual leave
  • Comprehensive coverage including General Practitioner, hospitalization, dental, and optical
  • Annual bonus based on individual performance
  • Training programs, certification opportunities, and training incentives to support career growth
  • Regular team-building activities and social events
  • Fulltime
Read More
Arrow Right

Network Security Engineer

We are seeking a talented and proactive Network Security Engineer to join our ex...
Location
Location
Sri Lanka
Salary
Salary:
Not provided
iqzsystems.com Logo
IQZ Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 1+ years cloud networking (AWS/Azure/GCP)
  • 3+ years managing routers, switches, and network security appliances
  • Hands‑on experience with Fortinet firewalls
  • Juniper experience preferred
  • Knowledge of Wi‑Fi technologies, SD‑WAN, AD, DNS, DHCP, and server environments
  • Familiarity with SIEM, endpoint security, vulnerability management, and basic incident response
  • Strong troubleshooting, analytical, communication, and documentation skills
  • Bachelor’s degree in Computer Science, Engineering, Information Systems, or equivalent experience
Job Responsibility
Job Responsibility
  • Manage and optimize daily network operations ensuring availability and performance
  • Design and support multi‑cloud network solutions (AWS, Azure, GCP)
  • Deploy/manage SD‑WAN, Internet connectivity, and wireless networks
  • Configure and maintain firewalls, routers, switches, VPNs, IDS/IPS, and core services
  • Troubleshoot complex network issues and perform root cause analysis
  • Maintain accurate documentation (topologies, SOPs, configurations)
  • Conduct capacity planning and continuous performance monitoring
  • Coordinate with ISPs/vendors and evaluate new network/security technologies
  • Work with IT Security to maintain secure network architectures
  • Monitor and respond to alerts across firewalls, endpoint security, Netskope, SIEM, etc.
  • Fulltime
Read More
Arrow Right

Cyber Security Analyst

We are looking for a Lead Cybersecurity Analyst who can take ownership of the or...
Location
Location
Canada , Montréal
Salary
Salary:
Not provided
Farenexus
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cloud and application security, with hands-on AWS production environments
  • Strong knowledge of Java (Spring/Spring Boot) and frontend security (Vue.js)
  • Solid understanding of MySQL security and data protection
  • Experience with risk assessment, vulnerability management, and incident response
  • Working knowledge of DPAs, BCP/DR, VAPT, and bug bounty programs
  • Relevant security or cloud certifications such as AWS Security Specialty, CISSP, CISM, or similar
  • Experience with containerized workloads and Kubernetes security
  • Familiarity with modern authentication and authorization approaches such as OAuth2 and OpenID Connect
  • Experience working in agile or Descopes environments
Job Responsibility
Job Responsibility
  • Define and maintain the organization’s security strategy, policies, standards, and architecture principles
  • Act as a security advisor to engineering, product, and leadership teams, ensuring alignment with business and regulatory requirements
  • Design and govern secure AWS architectures, including IAM, networking, and core AWS security services
  • Continuously assess cloud environments and drive remediation of security risks and misconfigurations
  • Lead application security reviews, threat modeling, and risk assessments for Java based backend services and Vue.js frontend applications
  • Embed security into the SDLC through secure coding practices, CI/CD security controls, and vulnerability management
  • Define and enforce data and database security controls, including encryption, access management, and auditing
  • Support compliance, audits, DPAs, BCDR planning, vulnerability assessments, and penetration testing activities
  • Lead incident response processes, security monitoring, and post-incident improvement initiatives
  • Collaborate with engineering and DevOps teams to promote a security-by-design culture and provide practical security guidance
What we offer
What we offer
  • Competitive compensation, benefits, and opportunities for growth
Read More
Arrow Right

IT Audit & Compliance

ESK Technologies is seeking an experienced IT Audit & Compliance to join our tea...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
ESK Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Familiarity with SEBI Cyber Security Guidelines
  • Understanding of ISO 27001, COBIT, NIST, SOC 2 frameworks
  • Awareness of SEBI circulars (e.g., System audit, VAPT frequency, cyber incident reporting timelines)
  • Conducting and documenting IT Risk Assessments
  • Understanding of risk rating (like × impact, residual risk, control mapping)
  • Hands-on with risk registers, risk treatment plans
  • Review of access Management, change management, backup, logging, resilience
  • Ensure event log generation, session handling, security controls are in place
  • Experience in tools like Nessus
  • Drafting & validating IT policies: password, backup, access, data retention, encryption
Job Responsibility
Job Responsibility
  • Ensuing SEBI Guidelines are followed going through new sebi rules which keep coming
  • Creating reports for multiple Audits and Submitting to exchange
  • Operational Audit (Evaluation of Company operations on IT/Security and Trading)
  • IT Risk Audit
  • Policy Enforcement
  • Documentation
  • Data protection Audits
  • Application Audits
  • Performing Internal Audits
  • Being updated with latest Audit Frameworks
Read More
Arrow Right

Principal Security Engineer

We are seeking a visionary and hands-on Principal Security Engineer to architect...
Location
Location
United States , San Antonio
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in cybersecurity
  • At least 5 years dedicated to Application Security or Cloud Security engineering
  • Deep technical proficiency in AWS, including native security services (GuardDuty, Inspector, WAF, KMS) and IAM policy architecture
  • Strong coding/scripting background
  • Must be able to read and review code in languages such as Python, Go, Java, or Node.js
  • Expert knowledge of modern application security frameworks and standards, specifically OWASP Top 10, OWASP API Security Top 10
  • Proven experience implementing and managing DevSecOps pipelines (Jenkins, GitHub Actions) and toolchains (SonarQube, Snyk, Veracode, etc.)
  • Hands-on experience with Container Security (Docker, Kubernetes) and securing serverless architectures
  • Demonstrated ability to write clear, concise technical policies and procedures
Job Responsibility
Job Responsibility
  • Draft and own technical security policies and procedures for Engineering and Product teams
  • Serve as the primary security liaison to the Engineering and Delivery teams
  • Partner with the Head of InfoSec and GRC teams to maintain our Unified Control Framework
  • Architect and mature the Secure Software Development Lifecycle (SSDLC)
  • Lead threat modeling for new features and major architectural changes
  • Manage the Vulnerability Assessment and Penetration Testing (VAPT) program
  • Act as a mentor to developers, providing "just-in-time" training on secure coding practices
  • Own the security architecture for our multi-cloud environment (AWS, Azure, GCP)
  • Pioneer our AI Security Strategy
  • Design and maintain Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP) strategies
Read More
Arrow Right

Deputy Manager – Cyber Audit

Deputy Manager – Cyber Audit role in IT consulting.
Location
Location
India , Mumbai
Salary
Salary:
Not provided
ambconline.com Logo
AMBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4 to 7 years work experience
Job Responsibility
Job Responsibility
  • Conduct hands-on cyber security audits across network, application, and infrastructure environments
  • Perform network security audits, including firewalls, VPNs, network segmentation, and perimeter controls
  • Carry out application security audits and testing for web and mobile applications based on OWASP Top 10
  • Execute and support Vulnerability Assessment & Penetration Testing (VAPT) for networks and applications
  • Analyze scan results, validate vulnerabilities, and remove false positives
  • Map technical findings to ISO 27001, NIST, and CIS benchmarks and create audit observations
  • Prepare clear cyber audit and VAPT reports with risk ratings and remediation recommendations
  • Support client discussions and remediation validation in coordination with IT and security teams
Read More
Arrow Right

Application Penetration Tester

We are looking for security engineer who loves solving interesting problems and ...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of combined experience in penetration testing and security engineering roles
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
  • Attacker mindset for breaking the websites with practical knowledge of OWASP
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • In depth experience with common automated VAPT tools such as Nessus, Burp Suite
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
  • Fluent English (both verbal and written)
Job Responsibility
Job Responsibility
  • Black-box and Grey Box penetration test applications
  • Security testing including reverse engineering of Mobile applications (Android and iOS)
  • Create innovative attacks tools/automations for project specific needs
  • Communicate complex vulnerability results to technical and non-technical audience
  • Perform research and contribute to open-source community on new attack methodology, vulnerability findings
  • Scope penetration tests and contribute to penetration test project management
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right