Key Responsibilities Proven expertise & track record in Web and Mobile application Penetration testing (Web, Mobile, API / Webservices) Proven expertise & track record in Network and system Penetration testing (Web, Mobile, API / Webservices) Must Have Experience in Tools for Firewall Evasion, Abuses to IPSec VPN, Border Gateway Protocol, GRE Tunneling.
Be able to lead an assessment or penetration test with 1-2 other resources Be able to lead a red team engagement and participate in a purple team engagement.
Be an expert in penetration testing methodology Have experience in developing exploits and tooling from vulnerabilities both pre and post exploitation.
Should have experience with tools Burp suite, Metasploit, Tenable, SQL Map, NMAP, SCAPY, and other tools. Knowledge of OWASP Web and Mobile Top 10 vulnerabilities and identifying them.
Knowledge of TCP / IP and other application and network level protocols. Conduct vulnerability assessment and penetration testing and configuration review for systems and networks.
Be able to author and issue reports on assigned application and system scan. Support Jr. resources in their authoring of reports and issues.
Support and recreate proofs of concept from security reports. Support and be a member of the PSIRT organization. Good exposure to Cloud Applications like AWS, Azure and other SAAS Applications Experience in Automating Security tasks using Python or Java Frameworks is a bonus Should be able to think Out of the box.
Possess ability to think and implement new attack approaches / vectors. Should be able to support the development of tooling for CI / CD / CS processes enabling other teams to test their own systems and work output.
Should possess relevant university degree and / or professional qualifications / certification (e.g. CEH, OSCP) Be able to maintain and contribute to the threat models Support sessions to teach system and network exploitation and security testing methods to resources.
Excellent written and verbal communication skills. Self-motivated, curious, knowledgeable pertaining to news and current events