Security Engineer (VAPT)

Who We AreNEXT Ventures is where ambition takes shape and momentum becomes movement. As a global platform revolutionizing access to performance-based capital, we empower the world’s most driven individuals to rise. Through our flagship brand, FundedNext, we empower dreamers to become doers, and potential to turn into performance. With 500+ driven minds across five countries, we power a global rhythm—220,000+ daily users from 170+ nations, each chasing greatness in their own way.Your Role in Our MissionAs a Security Engineer (VAPT), you will identify, exploit, and report security weaknesses across our applications, networks, cloud infrastructure, and endpoints. Your role will require you to combine offensive security expertise with defensive collaboration, ensuring that vulnerabilities are identified early, validated, and remediated effectively. You will work closely with our DevOps and Engineering teams to strengthen the organization’s overall security posture.How You’ll Make An ImpactOffensive Security & TestingConduct vulnerability assessments across applications, networks, APIs, cloud environments, and endpoints.Perform penetration tests (black-box, gray-box, and white-box) to simulate real-world attack scenarios.Identify and exploit security flaws in web applications, mobile apps, and infrastructure components.Collaboration & RemediationCollaborate with development and infrastructure teams to validate findings and recommend effective fixes.Support continuous security testing in CI/CD pipelines through DevSecOps integration.Track remediation progress and retest vulnerabilities to ensure successful closure.Reporting & Knowledge SharingDocument findings with clear risk ratings, proof-of-concept exploits, and actionable remediation steps.Contribute to internal security standards, hardening guides, and awareness initiatives.Research & InnovationStay ahead of emerging exploits, attack vectors, and evolving security tools to continuously strengthen defenses.Experiment with new techniques, tools, and frameworks to improve testing efficiency and expand offensive capabilities.What You BringA Bachelor’s degree in EEE, CSE, ETE, IT, or a related field2+ years of hands-on experience in VAPT, red teaming, or offensive securityProficiency with tools such as Burp Suite, Metasploit, Nmap, Nessus, Nikto, OWASP ZAP, and Kali LinuxStrong understanding of OWASP Top 10, SANS Top 25, MITRE ATT&CK, and CVSS scoringFamiliarity with cloud platforms (AWS, Azure, GCP) and their security testing methodologiesSolid knowledge of secure coding principles, authentication models, and encryptionAbility to write custom scripts and exploits in Python, Bash, PowerShell, or GoStrong reporting and communication skills, with the ability to engage both technical and executive audiencesPreferred certifications such as OSCP, PNPT, eJPT, or Burp Suite Certified PractitionerYour X-FactorYou have hands-on experience with VAPT, red teaming, or penetration testing, and can demonstrate real-world exploits and remediation.You are highly proficient with security tools like Burp Suite, Metasploit, Nmap, Nessus, and Kali Linux, and can write custom scripts or exploits in Python, Bash, PowerShell, or Go.You understand cloud environments (AWS, Azure, GCP), secure coding principles, authentication models, and encryption, enabling you to test and secure modern applications effectively.You can translate technical findings into actionable insights for both engineering teams and executives, helping drive timely remediation and stronger security practices.Your Pay & PerksSalary Range: NegotiableBi-annual salary review (Eligibility Condition Applies).Festival bonus (Eligibility Condition Applies).Celebrate birthday leave and great team events.Start your next chapter with our special honeymoon package.Unwind together at annual company retreats.Kick back with game nights and all-access sports zones – billiards, foosball, PlayStation, cricket, football & badminton.Get moving with an in-house fitness trainer to keep your mind and body in sync.Opportunities for relocation to Sri Lanka and Malaysia, subject to business needs, with travel allowances.Your Journey after Applying30 minute HR interview with the Talent Acquisition team member45 minute Technical Get-To-Know-You Session (with talent acquisition team & department front line manager)60-minute Final Interview Session (with head of department & talent acquisition lead)Why Join NEXTAt NEXT Ventures, we believe the right talent fuels breakthrough innovation. If you're driven to connect great minds with big ideas and want to shape the future of fintech, we’d love to meet you. Join our team of bold thinkers where technology meets transformation.Apply now and be part of our journey — the future is calling, and it starts with you.