VAPT Manager

Job Title: VAPT ManagerLocation: Coimbatore, Tamil Nadu Experience: 5+ Years Employment Type: Full-time Department: Information Security / CybersecurityAbout the RoleWe are seeking a highly skilled Vulnerability Assessment & Penetration Testing (VAPT) Manager with a minimum of 5 years of hands-on experience in application, network, cloud, and infrastructure security testing. The ideal candidate will lead security assessments, manage client engagements, guide junior team members, and ensure delivery of high-quality security reports.Key ResponsibilitiesTechnical ResponsibilitiesConduct and oversee Vulnerability Assessments and Penetration Tests for web, mobile, network, API, cloud, and infrastructure environments.Perform manual and automated testing to identify vulnerabilities and validate risks.Develop exploitation strategies and PoCs where required.Review and validate findings reported by team members for accuracy and severity.Ensure alignment with security standards such as OWASP, NIST, SANS, MITRE ATT&CK, and ISO 27001.Collaborate with development, DevOps, and IT teams to support remediation strategies.Maintain security tools, frameworks, and methodologies for consistent assessment quality.Managerial & Leadership ResponsibilitiesLead the VAPT team and manage end-to-end project execution.Plan and allocate resources, timelines, and deliverables.Conduct knowledge-sharing sessions and mentor junior security analysts.Build and maintain strong relationships with clients; present findings and recommendations.Prepare and deliver high-quality security reports and executive summaries.Stay current with emerging threats, tools, and best practices.Required Skills & QualificationsBachelor’s degree in Computer Science, Information Security, or related field.5+ years of hands-on VAPT experience in web, mobile, network, cloud, and API security.Strong knowledge of tools such as Burp Suite, Nessus, Nmap, Metasploit, OWASP ZAP, Nikto, Acunetix, Kali Linux, etc.Solid understanding of secure coding, common vulnerabilities, exploit techniques, and remediation.Experience with SIEM, EDR, cloud platforms (AWS/Azure/GCP) is an advantage.Relevant certifications preferred: OSCP, CEH, eJPT, OSWE, CRT, CISSP (optional).Excellent communication, reporting, and stakeholder management skills.Nice-to-HaveExperience in security automation or scripting (Python, Bash, PowerShell).Exposure to threat modeling and red-teaming methodologies.Knowledge of DevSecOps workflows and CI/CD security integration.