Security Analyst - VAPT Application Cloud Security

Role Name: Security Analyst

Who are we?

Kapture CX is a leading SaaS platform that helps enterprises automate and elevate customer experience through intelligent, AI-powered solutions. We partner with enterprises across industries to bring scalable automation and insight-driven efficiencies to their CX operations. Over a thousand clients across 18 countries have used Kapture’s products to enhance their customer experience, including Unilever, Reliance Industries, The Coca-Cola Company, BigBasket, Meesho, Airtel Payments Bank and Cathay Pacific. Kapture delivers industry-specific solutions powered by AI, tailored workflows, and seamless automation.

Kapture CX is headquartered in Bengaluru and we have offices in Mumbai and Delhi NCR in India, in addition to offices in the USA, UAE, Singapore, Philippines and Indonesia.

What is this role all about?

We are looking for a Security Analyst with hands-on experience in VAPT, Pentesting, Application Security, Cloud Security, and Internal Audit Testing to strengthen Kapture’s overall security posture. This role will work closely with the CISO, Engineering, DevOps, Product, and Compliance teams to proactively identify vulnerabilities, secure cloud and application environments, and support audit and compliance initiatives across the organization.

Sounds interesting?

Here’s a more detailed description of what you will do in this role:

• Perform Web, API, SaaS, and Cloud VAPT assessments to identify and remediate security vulnerabilities
• Conduct manual and automated penetration testing across applications, infrastructure, and cloud environments
• Work closely with Product and Engineering teams to integrate secure coding and application security best practices
• Perform internal audit testing, control validation, evidence collection, and remediation tracking for security and compliance programs
• Assess cloud infrastructure security across AWS/Azure environments, including IAM, misconfigurations, and security hardening
• Conduct vulnerability assessments using industry-standard tools and provide risk-based remediation recommendations
• Support compliance initiatives aligned with ISO 27001, SOC 2, PCI DSS, GDPR, and related frameworks
• Collaborate with DevOps and Infrastructure teams to strengthen security monitoring, patch management, and threat detection
• Track emerging threats, vulnerabilities, and attack vectors affecting SaaS and cloud ecosystems
• Prepare detailed assessment reports, risk findings, audit observations, and management summaries
  
  

This is a Bengaluru-based role. We work five days a week from the office, as we believe in-person interactions fuel innovation and agility.

What does success look like in this role?

Success means proactively identifying security gaps before they become incidents, strengthening application and cloud security controls, and ensuring audits, assessments, and remediation activities run smoothly with minimal risk exposure.

What would make you a good fit for this role?

• Here are the basic requirements:
• You have 3–6 years of experience in Cybersecurity, VAPT, Application Security, Cloud Security, or Internal Security Audits
• You possess hands-on experience in Web Application, API, and Cloud penetration testing
• You understand security principles across SaaS applications, cloud infrastructure, and modern authentication mechanisms
• You have experience with vulnerability assessment tools, audit testing, and security remediation tracking
• You communicate clearly, document findings effectively, and collaborate well across technical and non-technical teams
  
  

What are the most critical skills for this role?

• You identify and assess vulnerabilities with a strong risk-based security mindset
• You understand application security, OWASP Top 10, API security, and cloud security fundamentals
• You conduct audit testing, evidence validation, and remediation follow-ups with precision
• You prepare clear technical reports and communicate security risks effectively to stakeholders
• You work collaboratively with Engineering, DevOps, and Compliance teams to improve security posture
  
  

You Will Have An Advantage If You

• You hold certifications such as CEH, OSCP, Security+, AZ-500, AWS Security Specialty, or ISO 27001 LA/LI
• You have experience securing SaaS platforms and cloud-native applications
• You possess hands-on knowledge of SIEM, threat detection, CSPM, or security monitoring tools
• You have worked on compliance-driven security assessments including SOC 2, PCI DSS, or ISO 27001
  
  

Why should you be interested?

• Here’s what you will gain from this role:
• You will work on end-to-end security across applications, cloud, audits, and compliance in a fast-growing SaaS environment
• You will gain exposure to enterprise-grade security operations, pentesting, and cloud security practices
• You will collaborate directly with leadership, Engineering, and Product teams to drive impactful security initiatives
• You will strengthen your expertise in modern SaaS security, compliance, and risk management frameworks
  
  

You will contribute to building secure, scalable, and compliance-ready customer experience platforms used globally

---