IT Security Penetration Tester (m/w)

Job Title: VAPT Specialist (2-10 years) Company: Kirtane & Pandit LLP Location: Mumbai (On site) Job Summary Kirtane & Pandit LLP is seeking skilled and motivated VAPT Specialists to join its Cybersecurity practice. The role involves performing Vulnerability Assessment and Penetration Testing (VAPT) across networks, web and mobile applications, databases, and IT infrastructure. This is a client-facing role requiring expertise in security testing, report preparation, stakeholder interaction, and management of multiple engagements. Key Responsibilities Perform Vulnerability Assessment and Penetration Testing (VAPT) for: Network infrastructure o Web applications o Mobile applications (Android / iOS) o Databases Thick-client applications Conduct network penetration testing, web and mobile application testing, and wireless security assessments Perform configuration and security reviews for Operating Systems, Databases, Firewalls, Routers, Switches, and other infrastructure components Conduct threat analysis, source code reviews (preferred), and security assessments Identify vulnerabilities, exploitation paths, and provide risk-based remediation recommendations Prepare detailed technical reports and executive-level presentations Ensure timely delivery of status updates, audit reports, and client deliverables Act as a client-facing security consultant , presenting findings to technical teams, management, and leadership Manage multiple VAPT projects simultaneously , ensuring timely and high-quality delivery Assist in scoping engagements, effort estimation, and project planning Lead engagements and mentor junior team members , reviewing their work and supporting their development Develop scripts, tools, and methodologies to enhance testing capabilities Research and stay updated on new vulnerabilities, attack vectors, and security threats Support Red Team / Blue Team exercises and security assessments Travel to client locations as required Eligibility Criteria Experience: 2 to 10 years of relevant experience in VAPT / Penetration Testing / Security Testing Educational Qualification: UG: B.E / B.Tech / BCA – Computer Science / IT / Cyber Security PG (Preferred): M.E / M.Tech / MCA – Computer Science / IT / Cyber Security Required Technical Skills and Knowledge Strong understanding of VAPT concepts and methodologies Hands-on experience with: o Network Security Testing o Web Application Security Testing o Mobile Application Security Testing o Infrastructure Security Testing • Strong knowledge of: o TCP/IP and Networking concepts o OS, Firewall, Database, and Network Security • Familiarity with security standards and frameworks: o OWASP Top 10 o CWE / SANS Top 25 o CIS Benchmarks • Hands-on experience with tools such as: Kali Linux o Burp Suite o Nessus o Nmap Metasploit o Wireshark o SQLMap Other security testing tools Experience in manual penetration testing techniques (mandatory) Preferred Certifications CEH (Certified Ethical Hacker) OSCP (Preferred) CISSP CISA eJPT / eCPPT CREST (Preferred) Key Competencies Strong client-facing and consulting skills Ability to manage multiple projects Team handling and mentoring skills (for senior roles) Strong analytical and problem-solving abilities Excellent report writing and presentation skills Strong understanding of attacker tools, tactics, and procedures