The Role
Perform vulnerability assessments and penetration tests on web and mobile applications, source code, and network devices using tools like BurpSuite, Nessus, Nmap, Metasploit, and OWASP ZAP. Analyze scan and exploit results, recommend remediations, monitor new vulnerabilities, and maintain expertise in attack techniques and countermeasures.
Summary Generated by Built In
VAPT Engineer
Location: Remote
Work Type: Full time
About Us,
Scrut Automation is a one-stop shop for infosec compliance. It supports IT/ITES/SaaS companies in automating their information security compliance tasks and reduces manual work in maintaining compliance by ~70%. Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience.
The Scrut platform provides the fastest solution for achieving and maintaining compliance across global standards, including but not limited to SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, or CCPA, through its 'single window' operations. Scrut acts like an organisation’s virtual CISO, so they can focus on their business and leave compliance to Scrut.
We are proliferating and looking to build a strong team to join us on this journey,
Responsibilities
- Conduct Vulnerability Assessments of Web Application, Mobile Application (IOS and APK) Source Code Review and Network Devices using various open-source and commercial tools
- Conduct penetration tests and launch exploits using Burpsuite, Nessus, etc penetration testing distribution tools sets
- Research and maintain proficiency in Application and Computer Network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
- Analyze scan reports and suggest remediation/mitigation plan
- Keep track of new vulnerabilities on various network and security devices for different vendors
Pre-Requisites
- Experience in Application and Network vulnerability scanning and penetration testing
- Experience with Nessus, NMAP, Metasploit, Burpsuite, OWASP Zap and similar
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, and
- Gateway security solutions (proxy, web filtering)
- In-depth understanding of Common Vulnerability Exposure (CVE)/ Cert advisory database
- Self-starter and ability to deliver under defined timelines
Requirements
- Certifications like CEH, CPT,LPT, EJPT, CCNA, OSCP preferred
- At least 2-4 years in the field of IT Security Services
- Graduate degree
- Broad background in networks, operating systems (Windows, Unix, Linux), firewalls and security engineering concepts;
- Knowledge of scripting languages (C++, C#, Perl, CGI, HTML, Java, TCL, Shell) will be added advantage
Why should this job excite you?
- Opportunity to make an early impact on one of the most promising,high-growth SaaS startups in India
- Flat-hierarchical, performance-driven culture
- Rapid growth and learning opportunity
- Comprehensive medical insurance coverage
- A high-performing action-oriented team
- Immense exposure to the founders and the leadership
- Opportunity to shape the future of the B2B SaaS team with YOUR innovative ideas
- The competitive compensation package, benefits, and employee-friendly work culture
Note: Due to a high volume of applications, only the shortlisted candidates will be contacted by the HR team. We appreciate your interest and effort.
Skills Required
- Experience in application and network vulnerability scanning and penetration testing
- Experience with Nessus, Nmap, Metasploit, BurpSuite, OWASP ZAP
- Knowledge of network security technologies: Firewall, IPS, VPN, gateway security (proxy, web filtering)
- In-depth understanding of CVE / CERT advisory databases
- Self-starter with ability to deliver under defined timelines
- Certifications like CEH, CPT, LPT, EJPT, CCNA, OSCP
- 2-4 years experience in IT security services
- Graduate degree
- Broad background in networks, operating systems (Windows, Unix, Linux), firewalls and security engineering concepts
- Knowledge of scripting languages (C++, C#, Perl, CGI, HTML, Java, TCL, Shell)
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Scrut Automation is a modern GRC platform designed to help fast-growing organizations simplify security, compliance, and risk management. By combining continuous automation with expert guidance, Scrut reduces manual workloads, accelerates audit readiness, and empowers teams to scale their security posture confidently. From HIPAA and SOC 2 to ISO 27001, GDPR, PCI, and beyond, Scrut helps teams achieve multi-framework compliance with ease.
.png){kind=logo}
