> Back to Jobs

Senior VAPT Engineer

Posted on Jul 07, 2026

Title

Senior VAPT Engineer

Apply before

Aug 31, 2026

City

Lahore

Responsibilities

Summary of Job Profile:

The Senior VAPT Engineer will be responsible for planning, leading, and executing vulnerability assessments and penetration testing engagements across web applications, mobile applications, APIs, networks, cloud environments, and infrastructure. The role requires conducting both automated and manual security assessments, identifying security vulnerabilities, validating risks through exploitation, and delivering comprehensive reports with practical remediation recommendations. The Senior VAPT Engineer will also mentor junior team members, collaborate with clients and internal teams, and contribute to improving security testing methodologies, processes, and service quality.

Essential Duties & Responsibilities:

  • Plan, scope, and execute Vulnerability Assessment and Penetration Testing (VAPT) engagements for web applications, mobile applications, APIs, internal and external networks, cloud infrastructure, and other technology environments.
  • Work closely with clients to understand testing objectives, scope, business requirements, and engagement expectations.
  • Perform manual and automated penetration testing to identify, validate, and exploit security vulnerabilities while assessing their business impact.
  • Conduct vulnerability assessments using industry-standard security tools and validate findings through manual verification to eliminate false positives.
  • Perform security testing against recognized standards such as the OWASP Top 10, OWASP API Security Top 10, and other industry best practices.
  • Analyze penetration testing results and prepare detailed technical reports, executive summaries, risk ratings, proof-of-concept evidence, and actionable remediation recommendations.
  • Present technical findings, security risks, and mitigation strategies to clients and internal stakeholders.
  • Collaborate with development, infrastructure, and security teams to support vulnerability remediation and perform retesting to validate fixes.
  • Develop, maintain, and improve penetration testing methodologies, checklists, scripts, and automation tools to enhance testing efficiency.
  • Stay current with emerging cyber threats, attack techniques, vulnerabilities, and security research to continuously improve assessment capabilities.
  • Mentor and provide technical guidance to junior VAPT engineers and assist in knowledge sharing within the security team.
  • Support pre-sales activities, technical discussions, and client consultations when required.
  • Ensure testing activities comply with organizational policies, client requirements, and industry security standards.

Requirements

Knowledge, Skills, Abilities (KSA’s) required to successfully perform the job:

Knowledge

  • Strong knowledge of penetration testing methodologies and vulnerability assessment processes.
  • In-depth understanding of common security vulnerabilities, exploitation techniques, and remediation strategies.
  • Solid understanding of network protocols, operating systems, web technologies, APIs, cloud environments, and security architecture.
  • Familiarity with industry standards and frameworks including OWASP Top 10, OWASP API Security Top 10, NIST, ISO 27001, PCI-DSS, and CIS Benchmarks.
  • Knowledge of secure development practices and common attack vectors across modern applications.

Skills

  • Strong hands-on experience with penetration testing and vulnerability assessment tools including Nmap, Zmap, Burp Suite Professional, OWASP ZAP, SQLMap, Metasploit Framework, Nessus, OpenVAS, Wireshark, and related security tools.
  • Experience performing manual web application, API, network, and infrastructure penetration testing.
  • Strong analytical, troubleshooting, and problem-solving skills.
  • Excellent technical report writing and documentation skills.
  • Strong verbal communication and presentation skills with the ability to communicate technical concepts to both technical and non-technical audiences.
  • Ability to develop scripts for automating security testing using Python, Bash, or PowerShell is an advantage.

Abilities

  • Ability to lead penetration testing engagements independently from planning through reporting.
  • Ability to manage multiple projects while meeting deadlines.
  • Ability to mentor junior engineers and review technical deliverables.
  • Ability to maintain confidentiality and handle sensitive client information professionally.
  • Ability to work independently and collaboratively within cross-functional teams

Education, Experience, Licensure, Certification required for the position:

  • Bachelor's or Master's degree in Computer Science, Information Security, Cyber Security, or a related field.
  • Minimum of 5 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT).
  • Demonstrated experience conducting web application, API, network, and infrastructure penetration testing.
  • Professional certifications such as OSCP, OSWE, OSEP, CRTO, CEH, PNPT, GPEN, eWPT, or equivalent are preferred
  • Experience with cloud security assessments (AWS, Azure, or GCP) is considered an advantage.
    . 

Competencies required to successfully perform the job:

Technical Competencies

Behavioral/General Competencies

1. Vulnerability Assessment & Penetration Testing

2. Web Application Security

3. API Security Testing

4. Network Penetration Testing

5. Operating Systems (Windows/Linux)

6. Networking Protocols

7. Security Tools (Nmap, Burp Suite, OWASP ZAP)

8. Security Frameworks (OWASP, NIST, ISO 27001, PCI-DSS)

9. Cloud Security Assessment

1. Analytical Thinking

2. Problem Solving

3. Communication (Written & Verbal)

4. Leadership & Mentoring

5. Teamwork & Collaboration

6. Client Management

7. Reporting & Documentation

8. Time Management

9. Attention to Detail

10. Continuous Learning

Benefits

  • Excellent Salary
  • Fuel Allowance
  • Internet Allowance
  • Medical Insurance
  • Annual Leaves
  • Provident Fund
  • EOBI
  • Annual Bonus