:
Your Responsibilities
? Participate in Security Assessments and Perform penetration tests on web-based applications, networks and computer systems,
? Design and create new penetration tools and tests
? Probe for vulnerabilities in web applications, fat/thin client applications and standard applications
? Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
? Participate and lead red teaming, fuzzing, source code review and reverse engineering.
? Work on improvements for provided security services, including the continuous enhancement of existing methodology
material and supporting assets
? Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security
strategies
? Review and define requirements for information security solutions
? Work on
o improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
o ensuring technical aspects and business processes are aligned
? Define and enable specific action plans to attain and maintain compliance to minimum requirements, security standards and project specific requirements.
? Research, document, present and discuss security findings with management and IT teams.
? Work closely with Sales in design and architecting of comprehensive security solutions for customers.
? Participate in customer facing discussions and workshops to explain solutions, and approaches to addressing customer risk
and security challenges.
Requirements
Must Have Requirements
? CREST or OSCE Certifications
? At least 2 years full-time experience conducting the following types of penetration tests:
o Servers and clients (Windows and Linux) o Web applications (including APIs)
? Experience using Kali Linux
? Familiar with penetration testing tools and frameworks, such as:
o Nessus
o Burp Suite o NMAP
o Metasploit o Fortify
o AppScan
? Experience performing digital forensic investigations (including maintaining integrity and chain-of-custody of evidence)
? Familiar with AWS, Azure, and/or GCP
? Familiar with the OSI model and attack vectors at each layer
? Familiar with cryptographic principles
? Good team player, with excellent verbal and written communication skills.
? Ability to take ownership of an initiative/issue through completion
Great to Have Requirements
? Familiar with cloud-native penetration testing (serverless architectures such as functions and containers)
? Familiar with reverse engineering binary applications
? Experience with automation and scripting in any of the following languages:
? Familiar with git or other source control methodologies
? Experience in consulting assignments to assess organizational security posture, develop security roadmaps and remediation
plans, etc.
? Experience in technically supporting sales and customer engagements through presales and other advisory activities.
o Shell, bash, zsh, etc.
o PowerShell
o Python (Python 3 preferred)
Formal Education
? Degree in Computer Science, Information Systems, Engineering, Digital Forensics or equivalent qualifications is preferred.
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.