44 Nopalcyber Avp Vapt jobs in India
NopalCyber- AVP-VAPT
Job Viewed
Job Description
NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client's needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.
We are offering the right individual an opportunity to become a part of the Sales team to offer state-of-the-art services in the Cybersecurity industry.
Role Overview
As AVP/VP – Cybersecurity Operations, you will provide strategic and technical leadership for NopalCyber's Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery.
You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development.
Key Responsibilities
- Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction.
- Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments.
- Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies.
- Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations.
- Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement.
- Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages.
- Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility.
- Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded.
- Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces.
- Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services.
- Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity.
Required Qualifications
- Bachelor's degree in Engineering, Computer Science, or a related field; a Master's is preferred.
- 15+ years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains.
- Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs.
Preferred Certifications
- Mandatory: OSCP, CEH
- Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP
Desired Skills
- In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques.
- Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect.
- Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments.
- Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines.
- Capability to present complex technical findings in clear, business-relevant language to executive stakeholders.
Leadership Attributes
- Strategic thinker with a track record of scaling cybersecurity programs or service lines.
- Proven ability to lead, mentor, and retain high-performing technical teams.
- Exceptional client engagement and communication skills.
- Ability to influence and collaborate across teams and functions to drive security outcomes.
Job No Longer Available
This position is no longer listed on WhatJobs. The employer may be reviewing applications, filled the role, or has removed the listing.
However, we have similar jobs available for you below.
NopalCyber- AVP-VAPT
Posted today
Job Viewed
Job Description
NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client's needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.
We are offering the right individual an opportunity to become a part of the Sales team to offer state-of-the-art services in the Cybersecurity industry.
Role Overview
As AVP/VP – Cybersecurity Operations, you will provide strategic and technical leadership for NopalCyber's Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery.
You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development.
Key Responsibilities
- Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction.
- Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments.
- Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies.
- Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations.
- Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement.
- Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages.
- Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility.
- Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded.
- Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces.
- Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services.
- Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity.
Required Qualifications
- Bachelor's degree in Engineering, Computer Science, or a related field; a Master's is preferred.
- 15+ years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains.
- Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs.
Preferred Certifications
- Mandatory: OSCP, CEH
- Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP
Desired Skills
- In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques.
- Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect.
- Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments.
- Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines.
- Capability to present complex technical findings in clear, business-relevant language to executive stakeholders.
Leadership Attributes
- Strategic thinker with a track record of scaling cybersecurity programs or service lines.
- Proven ability to lead, mentor, and retain high-performing technical teams.
- Exceptional client engagement and communication skills.
- Ability to influence and collaborate across teams and functions to drive security outcomes.
Vulnerability Assessment and Penetration Testing
Posted today
Job Viewed
Job Description
**Job Summary**:
**Responsibilities**:
2. Perform manual and automated security assessments, leveraging industry-standard tools and techniques.
3. Analyse and interpret security assessment results to prioritize vulnerabilities based on risk level and potential impact.
4. Collaborate with development teams to provide guidance on secure coding practices and remediation strategies.
5. Prepare detailed reports documenting findings, including proof-of-concept demonstrations and recommendations for mitigation.
7. Participate in red team exercises and security incident response activities as needed.
**Requirements**:
1. bachelor's degree in computer science, Information Security, or related field (or equivalent work experience).
3. Proficiency in using industry-standard penetration testing tools such as Burp Suite, OWASP ZAP, Nmap, and Metasploit.
5. Familiarity with web technologies and frameworks, such as JavaScript, PHP, ASP.NET, and Ruby on Rails.
6. Excellent analytical and problem-solving skills, with the ability to think creatively to exploit vulnerabilities.
7. Effective communication skills, including the ability to articulate technical concepts to both technical and non-technical stakeholders.
8. Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Web Application Penetration Tester (GWAPT) are a plus.
**Location: Bengaluru**
**Salary**: ₹400,000.00 - ₹600,000.00 per year
Application Question(s):
- How many years of experience do you have in VAPT?
- Can you attend face to face interview?
**Experience**:
- total work: 1 year (required)
Work Location: In person
Vulnerability Assessment and Penetration Testing
Posted today
Job Viewed
Job Description
- The role would require a person with hands-on experience in Vulnerability assessment and Penetration testing program in Enterprise environment having host of tools and technologies.
- Must have experience in running Vulnerability Management and Penetration testing program.
- Must Have: Experience in Tools for Firewall Evasion, Abuses to IPSec VPN, Border Gateway Protocol, GRE Tunnelling.
- Be able to Perform and lead an assessment or penetration test.
- Must produce management dashboard for open Vulnerabilities and Risk for enterprise.
- Shall be able to provide mitigating controls for open risk and exploits for the enterprise environment.
- Shall maintain risk register for open cyber risks in the enterprise.
- Be able to lead a red team engagement and participate in a purple team engagement.
- Have experience in developing exploits and tooling from vulnerabilities both pre and post exploitation.
- Should have experience with tools Burp suite, Metasploit, Tenable, SQL Map, NMAP, SCAPY, and other tools.
- Conduct vulnerability assessment and penetration testing and configuration review for systems and networks.
- Support and recreate proofs of concept from security reports.
- Good exposure to Cloud Applications like AWS, Azure and other SAAS Applications
- Experience in Automating Security tasks using Python or Java Frameworks is a bonus.
- Should be able to think ""Out of the box"".
- Possess ability to think and implement new attack approaches/vectors.
**Skills**
- Strong oral and written communication, analytical and problem-solving skills, as well as excellent judgment on data analysis.
- Proficient in Stakeholder Management and Team Leadership
- Tools - Burp suite, Metasploit, Tenable, SQL Map, NMAP, SCAPY, and other tools.
**Education Qualification**:
- BE / BTECH
- Additional certification would be an added advantage: CEH, CISA, ISO27001, ISO22301, CISSP
**Experience**:
- 3-6 years of proven experience as lead in VAPT and areas having hand on experience on various tools.
**Job Types**: Full-time, Permanent
Pay: Up to ₹2,000,000.00 per year
**Benefits**:
- Health insurance
- Paid sick time
- Provident Fund
Schedule:
- Day shift
Work Location: In person
Pentester - Vulnerability Assessment & Penetration Testing (VAPT)
Posted today
Job Viewed
Job Description
We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you’ll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes.
Key Responsibilities:
- Perform manual and automated penetration testing across:
- Web Applications (based on OWASP Top 10)
- Infrastructure (external/internal IPs, firewall review, patch audits)
- Cloud Environments (basic Azure/AWS – IAM, Storage, Networking)
- Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures
- Use tools such as Burp Suite , Nmap , SQLMap , Nikto , Nessus/OpenVAS
- Write high-quality, detailed technical reports with:
- Screenshots for PoCs
- Remediation guidance
- Risk severity scoring (preferably CVSSv3 )
- Collaborate with clients to explain findings and provide actionable recommendations
- Contribute to toolchain improvements and lightweight automation (Python/Bash preferred)
Requirements
- 3–6+ years of hands-on experience in at least 2 of the following areas :
- Web Application Penetration Testing (OWASP Top 10)
- Infrastructure VAPT (internal/external, firewall, patch validation)
- Basic Cloud VAPT (AWS or Azure: IAM, Storage, Networking)
- Proficiency in:
- Manual testing techniques , fuzzing, and exploitation
- Burp Suite (Community or Pro)
- Tools like Nmap, SQLMap, Nikto, Nessus/OpenVAS
- Strong understanding of common vulnerabilities and exploitation techniques
Preferred Certifications
- CEH , eJPT , OSCP (or strong portfolio/proof of hands-on skill)
- AZ-500 or AWS Security Specialty (for cloud security exposure)
Good to Have
- Familiarity with scripting for automation (Python, Bash)
- Exposure to CVSSv3 for vulnerability scoring
- Experience with Dradis , Excel-based reporting , or similar tools
Vulnerability Assessment Penetration Testing 9 to
Posted today
Job Viewed
Job Description
- To integrate security as an integral part during SDLC so as to move from primitive security to security by design to impart customized security awareness trainings to developers on secure coding based on industry recognized best practices such as SANS Top 20 OWASP Top 10 NIST etc
- To review existing security awareness training material and align it to industry best practices To carry out periodic risk assessments to gauge security risks during system design and to monitor and manage them till closure.
- To carry out secure code reviews and to find out critical security flaws in the code.
**Primary Skills**:
- Advanced technical analysis on intrusions Providing rich client specific reports Assist in preparation of new joiner security kit Technically assist team in resolving installation setup issues etc of VAPT tools infrastructure.
**Secondary Skills**:
- Good written verbal communication skills Interact with senior management clients Hands on industry best standards tools Certification at min any one of the following CEH OSCP CPT LPT CHFI CISSP etc Eligibility Graduate from any university Experience in any reputed IT Service based company
Senior Consultant - VAPT (Vulnerability Assessment & Penetration Testing)
Posted today
Job Viewed
Job Description
Apt Resources is hiring for our client, a leading cybersecurity services firm, seeking an experienced Senior Consultant – VAPT to join their expert team. The ideal candidate will have deep expertise in infrastructure and application security assessments, penetration testing, and a solid understanding of modern security threats and countermeasures.
Key Responsibilities: Infrastructure VA/PT:- Conduct black-box and grey-box vulnerability assessments and penetration tests on system/network/cloud environments.
- Map network infrastructure, discover ports/services, and audit OS, network, and security configurations.
- Use tools like NMap, Nessus, Metasploit, Kali Linux for exploiting vulnerabilities.
- Stay current with CVEs and threat intelligence relevant to supported technologies.
- Prepare and present detailed findings and mitigation plans to clients.
- Deliver cloud infrastructure security assessments and configuration audits.
- Create and deliver comprehensive, client-specific technical reports.
- Perform vulnerability assessments of Web, Mobile, and Thick-client applications based on OWASP standards.
- Combine automated scanning with manual testing techniques to detect flaws.
- Conduct phishing and spear-phishing simulations to assess end-user security awareness.
Requirements
Qualifications:- Bachelor's degree in Computer Science, IT, or a related field.
- 8–10 years of hands-on experience in VAPT.
- CEH certification is required.
- OSCP or CREST certifications are a plus.
- Experience working in an MSSP (Managed Security Services Provider) environment is preferred.
- Strong understanding of Windows, Unix/Linux systems, firewalls, VPNs, and security infrastructure.
- Expertise in tools like NMap, Metasploit, Kali Linux, Nessus, NetCat, HPing, Qualys, and RetinaCS.
- Strong understanding of CVE databases, exploit development, and countermeasures.
- Familiarity with scripting languages such as C++, C#, Perl, HTML, Shell, etc.
- Knowledge of firewalls, IPS, DNS security, VLAN, web filtering, and VPNs.
- Experience with cloud security assessment across major platforms (AWS, Azure, GCP).
- Strong communication, presentation, and documentation skills.
- Ability to work independently and lead security assessments across client environments.
- Willingness to travel overseas for project deployments.
- Exposure to RFP response preparation, solution architecture, and client-facing presentations.
Benefits
Salary: Up to INR 18 LPA
Vulnerability Assessment Penetration Testing 4 to 6
Posted today
Job Viewed
Job Description
- Analyze scan reports and suggest remediation / mitigation plan
- Providing rich client specific reports
- Demonstration of proof of concepts for exploits, manual penetration testing
- Knowledge on open source and commercial security assessment tools e.g. Burpsuit, Nessus, Appscan, nmap etc.
- Security configuration review of database /servers / firewalls / switches / routers, etc
- Knowledge of operating systems preferably windows, linux etc. network equipment’s system & network hardening
**Primary Skills**:
**Secondary Skills**:
Certified with any technology such as CEH, CISSP, etc
Be The First To Know
About the latest Nopalcyber avp vapt Jobs in India !
Vulnerability Assessment Penetration Testing 4 to 6
Posted today
Job Viewed
Job Description
- To carry out secure code reviews and to find out critical security flaws in the code- Conduct penetration test and launch exploits using Burpsuite, Nessus, Metaspoilt, Backtrack penetration testing distribution tools sets
- Analyze scan reports and suggest remediation / mitigation plan
- Providing rich client specific reports
- Demonstration of proof of concepts for exploits, manual penetration testing
- Knowledge on open source and commercial security assessment tools e.g. Burpsuit, Nessus, Appscan, nmap etc.
- Security configuration review of database /servers / firewalls / switches / routers, etc
- Knowledge of operating systems preferably windows, linux etc. network equipment’s system & network hardening
- Primary Skills
- Secondary Skills
- Certified with any technology such as CEH, CISSP, etc
Vulnerability Assessment Penetration Testing 4 to 6
Posted today
Job Viewed
Job Description
- Conduct penetration test and launch exploits using Burpsuite, Nessus, Metaspoilt, Backtrack penetration testing distribution tools sets
- Analyze scan reports and suggest remediation / mitigation plan
- Providing rich client specific reports
- Demonstration of proof of concepts for exploits, manual penetration testing
- Knowledge on open source and commercial security assessment tools e.g. Burpsuit, Nessus, Appscan, nmap etc.
- Security configuration review of database /servers / firewalls / switches / routers, etc
- Knowledge of operating systems preferably windows, linux etc. network equipment’s system & network hardening
**Primary Skills**:
**Secondary Skills**:
- Certified with any technology such as CEH, CISSP, etc
Vulnerability Assessment Penetration Testing 4 to 6
Posted today
Job Viewed
Job Description
- Conduct penetration test and launch exploits using Burpsuite, Nessus, Metaspoilt, Backtrack penetration testing distribution tools sets
- Analyze scan reports and suggest remediation / mitigation plan
- Providing rich client specific reports
- Demonstration of proof of concepts for exploits, manual penetration testing
- Knowledge on open source and commercial security assessment tools e.g. Burpsuit, Nessus, Appscan, nmap etc.
- Security configuration review of database /servers / firewalls / switches / routers, etc
- Knowledge of operating systems preferably windows, linux etc. network equipment’s system & network hardening
**Primary Skills**
**Secondary Skills**
- Certified with any technology such as CEH, CISSP, etc