Manager Vulnerability Assessment and Penetration Testing at PITB Lahore 2026

About the Job

The Punjab Information Technology Board (PITB) is seeking applications from qualified professionals for the position of Manager (Vulnerability Assessment & Penetration Testing) through the Punjab Recruitment portal. This is a contract-based role responsible for leading and managing a comprehensive VAPT program, overseeing security assessments, penetration testing activities, and ensuring the organization's cybersecurity posture is continuously strengthened.

Job Details

• Position: Manager (Vulnerability Assessment & Penetration Testing)
• Organization: Punjab Information Technology Board (PITB)
• Location: Lahore, Lahore District
• Employment Type: Contract
• Vacancies: 1
• Age Limit: 25 to 45 years
• Last Date to Apply: July 5, 2026

Eligibility Criteria

Education

• Master's or Bachelor's (Honors) degree with 16 years of education in one of the following disciplines:
• Advanced Computing
• Communication Engineering/Sciences
• Computational Science
• Computer Engineering/Sciences
• Computer Networks
• Electrical Engineering/Sciences
• Electronics Engineering/Sciences
• Information Engineering/Sciences
• Information Technology
• Telecommunication Engineering/Sciences
• Telematics Engineering/Sciences
• Electrical Engineering
• Software Engineering
• Management Information System
• Network Engineering

Experience

• 5 years of professional experience in cybersecurity, vulnerability assessment, or penetration testing

Other Requirements

• Age: 25 to 45 years
• Gender: Both males and females are eligible
• Domicile: Required for this position. Obtain via Dastak doorstep delivery (call 1202) or mobile application

Potential Key Responsibilities

• Lead and manage a team of VAPT specialists, providing guidance, performance management, and technical expertise
• Develop and implement a comprehensive VAPT program, ensuring adherence to industry-standard methodologies and timelines
• Conduct and oversee penetration testing and vulnerability assessments using tools like Nessus, Nexpose, Nmap, Metasploit, OpenVAS, and Burp Suite
• Track and report VAPT program effectiveness through metrics such as identified, remediated, and pending vulnerabilities
• Analyze results to prioritize vulnerabilities by risk and recommend actionable remediation strategies
• Stay updated on the latest VAPT tools, methodologies, and emerging threats such as OWASP Top 10 and zero-day vulnerabilities
• Collaborate with development, security, and IT operations teams to address identified vulnerabilities effectively
• Ensure secure SDLC checkpoints, security approvals, and risk exceptions are documented

How to Apply

• Visit the Punjab Recruitment portal: jobs.punjab.gov.pk
• Apply through the Punjab Recruitment portal link available on the job posting page
• Ensure you have valid Punjab domicile (obtain via Dastak doorstep delivery: call 1202 or use mobile application)
• Last Date to Apply: Sunday, July 5, 2026

Contact: Punjab Recruitment Portal | jobs.punjab.gov.pk | Domicile: Dastak Doorstep (Call 1202)

Expert Tips

• Your hands-on experience with VAPT tools including Nessus, Nexpose, Nmap, Metasploit, OpenVAS, and Burp Suite must be prominently featured with specific certifications and proficiency levels. Detail your experience with each tool, the types of vulnerabilities you have identified and exploited, the complexity of engagements you have managed, and any certifications you hold (CEH, OSCP, GWAPT, GPEN). Include specific examples of successful penetration tests, the scope of assessments (networks, applications, infrastructure), and measurable security improvements achieved from your findings.
• Team leadership and VAPT program development experience is critical for this manager-level position and should be extensively documented with team sizes and project scopes managed. Describe the VAPT teams you have led, the number of security professionals managed, the programs you have designed and implemented, and the methodologies you have established (NIST, PTES, OWASP). Reference your experience mentoring team members, conducting performance reviews, and building high-performing security teams. Include metrics on program effectiveness, assessment volume, and vulnerability remediation rates achieved.
• Your understanding of OWASP Top 10, emerging threats, and zero-day vulnerabilities should be demonstrated through continuous learning and industry participation. Describe your involvement in security communities, conferences attended, certifications maintained, and your methodology for staying current with threat landscapes. Reference your experience identifying zero-day vulnerabilities or novel attack vectors, your participation in threat intelligence sharing, and your ability to adapt VAPT programs to address emerging threat categories. Demonstrate proactive rather than reactive security approaches.
• Secure SDLC integration and stakeholder collaboration experience is essential and must highlight your ability to embed security throughout development processes. Detail your experience implementing secure code review checkpoints, security approvals in development pipelines, risk exception processes, and your relationships with development, operations, and IT teams. Reference specific instances where you have successfully influenced security practices across organizational teams, reduced vulnerability remediation timelines, and improved security awareness among non-security personnel.