Security Consultant (VAPT)

Responsibilities

• Perform hands‑on security assessments and compliance testing across web applications, mobile applications, APIs, infrastructure, and cloud environments, aligned with regulatory and industry standards such as MAS TRM, OWASP, and CIS benchmarks.
• Conduct web and mobile application penetration testing, including authentication, session management, business logic, and API security testing based on OWASP methodologies (e.g., OWASP Top 10, OWASP ASVS, OWASP MSTG).
• Perform infrastructure and network security assessments, including internal/external penetration testing, configuration reviews, and vulnerability validation.
• Conduct secure code reviews across multiple technology stacks (e.g., Java, Python, JavaScript, Swift, Kotlin), identifying vulnerabilities and recommending remediation.
• Utilize a wide range of tools for offensive security testing, such as Burp Suite, Nmap, Metasploit, Nessus, and cloud‑native security too...