Cyber Security Engineer (VAPT)

Company Overview: Mithra Consulting is dedicated to ensuring the highest standards of cybersecurity. As part of our commitment to safeguarding our digital assets, we are seeking a talented and motivated VAPT Professional to join our dynamic team. The successful candidate will play a crucial role in assessing and fortifying the security of our web applications, APIs, and network infrastructure.

Responsibilities:

Conduct VAPT Assessments: Perform regular vulnerability assessments and penetration tests on web applications, APIs, and both internal and external network systems. Identify and assess security vulnerabilities, providing detailed reports with recommended remediation steps.

Web Application Security: MUST HAVE Evaluate the security of web applications, identifying and addressing vulnerabilities such as SQL injection, cross-site scripting, and authentication issues. Collaborate with development teams to integrate security best practices throughout the software development lifecycle.

API Security: MUST HAVE Assess the security posture of APIs, ensuring they adhere to industry best practices and standards. Work closely with development teams to secure APIs, implement proper authentication, and prevent common API-related vulnerabilities.

Network Security:MUST HAVE Conduct internal and external network penetration tests to identify weaknesses in the infrastructure. Collaborate with IT and network teams to implement security measures and enhance the overall network defense.

Mobile Security:GOOD TO HAVE Conduct internal and external network penetration tests to identify weaknesses in the Mobile Application (Android and iOS). Collaborate with relevant teams to implement security measures and enhance the overall security posture of the mobile application.

Documentation and Reporting: Document assessment methodologies, findings, and recommended remediation steps. Generate comprehensive and clear reports for both technical and non-technical stakeholders.

Stay Informed: Keep abreast of the latest security trends, vulnerabilities, and industry best practices. Continuously enhance skills through training and certifications.

Qualifications:

Relevant certification in cybersecurity like CEH etc Bachelor's degree in Computer Science, Information Security, or a related field. 1-3 years of practical experience in conducting VAPT assessments, focusing on web applications, APIs, and network security. Familiarity with common security frameworks and standards (OWASP, NIST, etc.). Hands-on experience with VAPT tools such as Burp Suite, OWASP Zap, Nmap, and Metasploit. Knowledge of scripting languages (Python, Bash) for automation and tool development is a plus. Strong analytical and problem-solving skills. Excellent communication skills, with the ability to convey technical information to both technical and non-technical audiences.