We are seeking a highly skilled and motivated Mid-Tier Cyber Security Consultant with 4โ5 years of proven experience in Vulnerability Assessment and Penetration Testing (VAPT), client handling, and red teaming. The ideal candidate will be a self-motivated professional with strong technical expertise and exceptional soft skills, capable of delivering high-quality services in a fast-paced, client-focused environment. Preference will be given to candidates with relevant certifications and experience in a vendor-side company.
Key Responsibilities
- Vulnerability Assessment and Penetration Testing (VAPT):
- Conduct comprehensive vulnerability assessments and penetration tests on web applications, networks, cloud environments, and mobile applications.
- Identify, analyze, and prioritize security vulnerabilities using industry-standard tools and methodologies.
- Develop detailed technical reports with findings, risk assessments, and remediation recommendations tailored to technical and non-technical stakeholders.
- Stay updated on emerging threats, vulnerabilities, and attack vectors to enhance testing methodologies.
- Red Teaming:
- Plan and execute advanced red team engagements, simulating real-world cyberattacks to test organizational defenses.
- Perform reconnaissance, social engineering, privilege escalation, and lateral movement to identify weaknesses in security controls.
- Collaborate with blue teams to validate detection and response capabilities, providing actionable insights to improve security posture.
- Document red team activities, including attack scenarios, methodologies, and outcomes, in clear and concise reports.
- Client Handling:
- Act as the primary point of contact for clients, building strong relationships and ensuring clear communication throughout the engagement lifecycle.
- Conduct scoping meetings, gather requirements, and tailor security assessments to meet client-specific needs and objectives.
- Present findings and recommendations to clients in a professional and approachable manner, addressing both technical and business audiences.
- Manage client expectations, resolve concerns promptly, and ensure high levels of client satisfaction.
- Project Management and Delivery:
- Manage multiple concurrent projects, ensuring timely delivery of high-quality results within scope and budget.
- Develop project plans, timelines, and deliverables in collaboration with internal teams and clients.
- Proactively identify risks and challenges in engagements and implement solutions to maintain project momentum.
Required Qualifications
- Experience:
- 4โ5 years of hands-on experience in cyber security, with a focus on VAPT and red teaming.
- Proven track record in a vendor-side company, delivering security services to diverse clients across industries.
- Demonstrated experience in managing end-to-end VAPT engagements, including scoping, execution, and reporting.
- Hands-on experience in red team operations, including adversarial simulation and advanced attack techniques.
- Certifications (Preferred):
- Offensive Security Certified Professional (OSCP)
- Certified Ethical Hacker (CEH)
- GIAC Penetration Tester (GPEN)
- Certified Red Team Professional (CRTP)
- Other relevant certifications (e.g., CompTIA PenTest+, CISSP, or equivalent)
- Soft Skills:
- Excellent communication and presentation skills, with the ability to explain complex technical concepts to non-technical stakeholders.
- Strong interpersonal skills, with a client-centric approach to build trust and long-term relationships.
- Self-motivated and proactive, with a strong sense of ownership and accountability for deliverables.
- Ability to work independently and collaboratively in a team-oriented environment.
- Preferred Qualifications
- Experience working in a vendor-side cyber security firm, delivering services to clients in sectors such as finance, healthcare, or technology.
- Familiarity with compliance frameworks such as ISO 27001, GDPR, or NIST.
- Ability to mentor junior team members and contribute to knowledge-sharing initiatives.
