Key Responsibilities:
– Proven expertise & track record in Web and Mobile application Penetration testing (Web, Mobile,
API/Webservices)
– Proven expertise & track record in Network and system Penetration testing (Web, Mobile,
API/Webservices)
Must Have:
– Experience in Tools for Firewall Evasion, Abuses to IPSec VPN, Border Gateway Protocol, GRE
Tunneling.
– Be able to lead an assessment or penetration test with 1-2 other resources
– Be able to lead a red team engagement and participate in a purple team engagement.
– Be an expert in penetration testing methodology
– Have experience in developing exploits and tooling from vulnerabilities both pre and post
exploitation.
– Should have experience with tools Burp suite, Metasploit, Tenable, SQL Map, NMAP, SCAPY, and
other tools.
– Knowledge of OWASP Web and Mobile Top 10 vulnerabilities and identifying them.
– Knowledge of TCP/IP and other application and network level protocols.
– Conduct vulnerability assessment and penetration testing and configuration review for systems
and networks.
– Be able to author and issue reports on assigned application and system scan.
– Support Jr. resources in their authoring of reports and issues.
– Support and recreate proofs of concept from security reports.
– Support and be a member of the PSIRT organization.
– Good exposure to Cloud Applications like AWS, Azure and other SAAS Applications
– Experience in Automating Security tasks using Python or Java Frameworks is a bonus
– Should be able to think “”Out of the box””. Possess ability to think and implement new attack
approaches/vectors.
– Should be able to support the development of tooling for CI/CD/CS processes enabling other teams
to test their own systems and work output.
– Should possess relevant university degree and/or professional qualifications/certification (e.g.
CEH, OSCP)
– Be able to maintain and contribute to the threat models
– Support sessions to teach system and network exploitation and security testing methods to
resources.
– Excellent written and verbal communication skills.
– Self-motivated, curious, knowledgeable pertaining to news and current events