Senior Officer- Vulnerability and pen testing (VAPT) analyst

Deadline: 31/1/2024

Job Description:

Main Responsibilities and Duties

  • Conduct vulnerability assessment of networks, IT services and applications,  and security devices, using various commercial and open source tools.
  • Conduct internal and external penetration testing, using known commercial and open source penetration testing tools.
  • Conduct mapping and discovery analysis on networks, servers, and security devices, to discover exposed services, vulnerabilities and infiltration points.
  • Conduct mapping and code reviews to expose applications vulnerabilities, misuse cases testing, interface testing.
  • Develop VAPT assessment scoping and implementation plans and schedules, in coordination with related IT/IS senior management and divisions, to insure tests are focused, adequate, and limited in scope, and does not cause any operational issues.
  • Work closely with other SOC team members and IS team to identify and document incidents/ potential threats, and mitigation techniques.
  • Ensure VAPT tests and incidents are correctly reported and documented in accordance with Cyber Security & Incident Response policies and procedures.
  • Build and maintain Cyber security documentation detailing threats, and mitigation techniques, for incidents, attacks, and vulnerabilities, that might arise from security audit, vendor news-letters or threats announced from well renown Cyber security tracking entities.
  • Maintain tracking record of Vulnerabilities and exploits records, it’s risk levels, its mitigation and solution techniques, and follow-up on its implementation with related party.
  • Remain vigilant, continuously conduct R&D, to learn new skills, and new tools, and suggest actions that will increase organization over all security posture.

Technical Requirements.

  • Strong experience in OSI layers and its Common protocols functionality, possible exploits, common threats, and preventions.
  • Strong Knowledge of commercial and open-source vulnerability and pen testing tools.
  • Strong Knowledge of one or more programming and scripting tools (Python, Java, PowerShell, Bash, SQL DDL and DML)
  • Strong understanding of protocols headers, flags, structure, and communication mechanisms.
  • Strong knowledge of well known attacks and vulnerabilities, and mitigation techniques.


College degree, preferably in Computer Science, or engineering is preferred.


Personal Competencies:

  • Good verbal/written communication.
  • Excellent interpersonal skills.
  • Works well under pressure.
  • Responsible attitude.
  • Positive team player.
  • Able to take initiative.
  • Good time management.
  • Attention to detail, methodical.

Required Certifications: Any of the below certification is a Plus, or other related.

  • OSCP (Offensive security certified professional) 
  • CEH (Certified Ethical Hacker).
  • LPT (Licensed Penetration testing Master)
Sorry! registration for this Job has expired!