Principal Engineer - VAPT L2

Role Overview
The Cybersecurity VM & VAPT Analyst is responsible for managing Vulnerability Management (VM) and Vulnerability Assessment & Penetration Testing (VAPT) activities across the organization. This role handles escalated findings, coordinates remediation efforts, and works with IT, DevOps, and application teams to reduce security risks and improve the overall security posture.Key ResponsibilitiesProvide Level-2 support for vulnerability management and VAPT operationsPerform and manage vulnerability scans across infrastructure, applications, cloud, and endpointsAnalyze vulnerability findings, validate false positives, and assess risk severityCoordinate remediation with infrastructure, application, and DevOps teamsTrack vulnerabilities through closure and ensure SLA complianceSupport internal and external VAPT exercises and penetration testing activitiesReview penetration test reports and assist in remediation planningConduct risk-based vulnerability prioritization using CVSS and threat contextMaintain VM dashboards, metrics, and regular reportingDevelop and maintain VM/VAPT SOPs, standards, and playbooksSupport audits and compliance requirements (ISO 27001, SOC 2, PCI DSS, etc.)Assist in post-remediation validation and re-testingRequired Skills & Qualifications years of experience in Vulnerability Management / VAPT / CybersecurityStrong understanding of vulnerability assessment methodologies and OWASP Top 10Hands-on experience with VM tools (Qualys, Tenable, Rapid7, Nexpose, etc.)Familiarity with penetration testing tools and reports (Burp Suite, Nessus, Metasploit)Knowledge of operating systems, networks, and common attack vectorsExperience with remediation tracking and risk acceptance processesBasic scripting skills (Python, Bash, PowerShell) preferredTop of FormBottom of Form