Security Analyst

About the Company: Softcell is a CERT-In Empanelled leading IT solutions provider with over three decades of experience in delivering cutting-edge technology solutions to enterprise customers. We specialise in integrating the latest IT infrastructure and software solutions to drive business success. Join our dynamic team to help shape the future of IT in India.

About the Role: Security Analyst - VAPT

Responsibilities:

• Perform Vulnerability Assessments and Penetration Testing (VAPT) on networks, web applications, mobile applications, database, APIs, cloud infrastructure, and other digital assets for both internal systems and client environments.
• Execute Blackbox, Whitebox, and Greybox testing approaches to simulate different attack scenarios.
• Design and execute phishing simulation campaigns and DDoS/DoS attacks to assess the organization's and clients' response capabilities.
• Identify and exploit security vulnerabilities in both internal and client systems, providing a detailed analysis of security gaps.
• Collaborate with internal teams and client stakeholders to address vulnerabilities and ensure remediation.
• Participate/design Red Team/Blue Team exercises, simulating adversarial attacks (Red Team) and defence strategies (Blue Team) to strengthen security operations for both internal systems and clients.
• Provide detailed, comprehensive reports of findings for clients, including risk assessments, remediation steps, and recommendations for improving security controls.
• Perform retesting to verify remediation of vulnerabilities for internal and client systems.
• Stay updated on the latest security threats, dark web trends, and attack techniques, applying this knowledge to enhance security practices in client engagements.
• Develop and maintain security testing methodologies and checklists based on industry standards (e.g., OWASP, NIST, ISO 27001), ensuring they are applied to both internal and client VAPT projects.

Qualifications: Bachelor’s degree in computer science, Information Security, or a related field.

Required Skills:

• Strong understanding of penetration testing methodologies across Blackbox, Whitebox, and Greybox testing.
• Hands-on experience with phishing simulations and DDoS/DoS attack scenarios.
• Experience conducting and participating in Red Team/Blue Team exercises.
• Strong ability to explain technical vulnerabilities to non-technical stakeholders.
• Excellent problem-solving skills with attention to detail.

Preferred Skills: Relevant certifications such as CEH, OSCP, CPENT, LPT, CRTE or CRTP are highly desirable.

Pay range and compensation package: Pay range or salary or compensation

Equal Opportunity Statement: Include a statement on commitment to diversity and inclusivity.

Interview Mode:

1) Interview onsite, no virtual interview

2) Three rounds - HR, Practical, Verbal respectively