Cyber Security Consultant

We are seeking a highly skilled and motivated Mid-Tier Cyber Security Consultant with 4–5 years of proven experience in Vulnerability Assessment and Penetration Testing (VAPT), client handling, and red teaming. The ideal candidate will be a self-motivated professional with strong technical expertise and exceptional soft skills, capable of delivering high-quality services in a fast-paced, client-focused environment. Preference will be given to candidates with relevant certifications and experience in a vendor-side company.

Key Responsibilities

• Vulnerability Assessment and Penetration Testing (VAPT):
  • Conduct comprehensive vulnerability assessments and penetration tests on web applications, networks, cloud environments, and mobile applications.
  • Identify, analyze, and prioritize security vulnerabilities using industry-standard tools and methodologies.
  • Develop detailed technical reports with findings, risk assessments, and remediation recommendations tailored to technical and non-technical stakeholders.
  • Stay updated on emerging threats, vulnerabilities, and attack vectors to enhance testing methodologies.
  • Red Teaming:
    • Plan and execute advanced red team engagements, simulating real-world cyberattacks to test organizational defenses.
    • Perform reconnaissance, social engineering, privilege escalation, and lateral movement to identify weaknesses in security controls.
    • Collaborate with blue teams to validate detection and response capabilities, providing actionable insights to improve security posture.
    • Document red team activities, including attack scenarios, methodologies, and outcomes, in clear and concise reports.
    • Client Handling:
      • Act as the primary point of contact for clients, building strong relationships and ensuring clear communication throughout the engagement lifecycle.
      • Conduct scoping meetings, gather requirements, and tailor security assessments to meet client-specific needs and objectives.
      • Present findings and recommendations to clients in a professional and approachable manner, addressing both technical and business audiences.
      • Manage client expectations, resolve concerns promptly, and ensure high levels of client satisfaction.
      • Project Management and Delivery:
        • Manage multiple concurrent projects, ensuring timely delivery of high-quality results within scope and budget.
        • Develop project plans, timelines, and deliverables in collaboration with internal teams and clients.
        • Proactively identify risks and challenges in engagements and implement solutions to maintain project momentum.

Required Qualifications

• Experience:
  • 4–5 years of hands-on experience in cyber security, with a focus on VAPT and red teaming.
  • Proven track record in a vendor-side company, delivering security services to diverse clients across industries.
  • Demonstrated experience in managing end-to-end VAPT engagements, including scoping, execution, and reporting.
  • Hands-on experience in red team operations, including adversarial simulation and advanced attack techniques.
• Certifications (Preferred):
  • Offensive Security Certified Professional (OSCP)
  • Certified Ethical Hacker (CEH)
  • GIAC Penetration Tester (GPEN)
  • Certified Red Team Professional (CRTP)
  • Other relevant certifications (e.g., CompTIA PenTest+, CISSP, or equivalent)
• Soft Skills:
  • Excellent communication and presentation skills, with the ability to explain complex technical concepts to non-technical stakeholders.
  • Strong interpersonal skills, with a client-centric approach to build trust and long-term relationships.
  • Self-motivated and proactive, with a strong sense of ownership and accountability for deliverables.
  • Ability to work independently and collaboratively in a team-oriented environment.
• Preferred Qualifications
  • Experience working in a vendor-side cyber security firm, delivering services to clients in sectors such as finance, healthcare, or technology.
  • Familiarity with compliance frameworks such as ISO 27001, GDPR, or NIST.
  • Ability to mentor junior team members and contribute to knowledge-sharing initiatives.