The Role
We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
Your responsibilities:
Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines.
• Perform penetration testing which includes Network, web application, APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing.
• Execute penetration testing projects using the established methodology, tools and rules of engagements.
• Execute red team assessments to highlight gaps impacting organizations security postures.
• Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
• Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
• Convey complex technical security concepts to technical and non-technical audiences including executives.
• Perform technical quality reviews and conduct technical conversations directly with clients.
• Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams
• Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing.
Your Profile
Essential skills/knowledge/experience:
•Proficient Pen Testing Tools - Cobalt Strike, Caldera, Atomic Red team, Pentera, Nessus, Burp, OSINT etc.
•Good understanding of software testing methodologies and techniques
•Experience with manual and automated testing tools
•Good problem-solving and debugging skills
•Ability to write clear and concise test plans and reports
•Good communication and collaboration skills
•Familiarity with software development life cycle
•Proven ability to deliver high-quality software solutions
Desirable skills/knowledge/experience:
•Bachelor’s degree in computer science, Cybersecurity, or a related field. Master’s degree preferred.
•8+ years of experience in information security, with a focus on Technical Cyber Security domain
•Minimum of 5 years’ experience in a network / cloud security environment.
•CISSP, CCSP, OSCP, SANS or equivalent desirable
•Certification in one or more cloud vendor offerings such as AWS, GCP, Azure, OCI.