Evaluator (Cybersecurity Evaluation & VAPT Consultant)

Job Description • Support Common Criteria (CC:2022) evaluations (documentation, testing, coordination between stake holders) • Conduct Cybersecurity Labelling Scheme (CLS) compliance assessments and remediation support • Perform and support VAPT activities (network, web, API, IoT as applicable) • Conduct vulnerability scanning, manual verification, and remediation validation • Apply standards such as OWASP, CWE, CVSS, CIS Benchmarks to analysis work • Prepare technical security reports with risk ratings and recommendations • Liaise with regulators and technical stakeholders • Strong documentation, regulatory interpretation, and stakeholder coordination skills required Requirements for Experienced Role Experience • 2–5+ years in cybersecurity, product security, or security consulting • Hands-on involvement in Common Criteria (CC) and/or Cybersecurity Labelling Scheme (CLS) evaluations • Experience supporting or leading VAPT projects • Experience working with evaluation labs, certification bodies, or regulators (preferred) Technical Skills Strong knowledge of: • CC (preferably CC:2022, EAL requirements, SFR/SAR structure) • Secure SDLC practices • OWASP Top 10, CWE, CVSS scoring • CIS Benchmarks and system hardening • Proficiency with VAPT tools (e.g., Burp Suite, Nessus, Nmap, Metasploit) • Understanding of network security, OS hardening, web/app security, and basic cryptography • Strong technical documentation and report writing skills Qualifications / Certifications (Preferred) • Degree in Cybersecurity, Computer Science, Engineering, or related field • OSCP / CREST CRT (for VAPT-focused roles) • CISSP / CISM (good to have) • Relevant CC or product security experience is highly advantageous