Network infra penetration testing - Lead- Software Engineer II (Lead) | US Convenience Store | 7 - 11 Years | T989-1223
5d ago

02 : Network infra penetration testing - Lead

Qualifications :

Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience.

8+ years of IT professional experience, with 6+ years Information Security experience, with previous as a network and cloud pen tester

Requirements :

  • Expert in identifying the network ports, peripherals, and other common weak points that can help gain access to a business system
  • Use of multiple tools for Discovery and Recon phase to identify most of the entry points to start the infra-assessment
  • Identifying Network Security Flaws in an operating system, cloud and network
  • Conduct configuration reviews for OS, DB, Firewall, Routers, Switches and other infrastructure components
  • Conduct vulnerability assessment and penetration testing and configuration review for network and cloud
  • Perform penetration testing and vulnerability assessment on various types of technologies and implementations using automated (commercial, open source) tools and manual techniques. This may include
  • Network infrastructure and wireless networks
  • Servers, platforms, containers, hosting infrastructure and services
  • Conduct assessments of the Cloud SaaS environments
  • Have experience evaluating cloud environment configurations, such as bucket policies, IAM policies, security groups and ACLs, for security vulnerabilities and integrating these findings into the pen test
  • Drive end to end assessment & governance compliance and ensure OS like Microsoft Windows Server, Linux, Unix, Voice Infra, Mac are secured
  • Knowledge of popular security tools Nessus, Qualys, Burpsuite etc.
  • Good hands-on experience of KALI Linux and Metasploit
  • Hands on experience in Network monitoring tools like Wireshark, Ettercap
  • Knowledge of PCI / DSS, Cloud Security Alliance, ISO2700x controls.
  • Security Certifications - GPEN, CPT, OSCP, OSCE, GIAC, published CVE, Github projects, bug bounty profiles, hackthebox profile, or similar.
  • Test security within Microsoft Azure, AWS and Cloud technologies implementation
  • Research potential improvements to servers and recommend fixes as per Industry Best Practices to the Management.
  • Conducting Penetration Testing and closing vulnerabilities in the servers
  • Manage and ensure effectiveness of security solutions, including server security
  • Identifying and maintaining Key metrics and SLA on Infrastructure Security.
  • Broad technical knowledge of infrastructure technologies i.e. Vulnerability assessment, Penetration testing, SIEM, DLP, Malware Protection, IDS, Wireless IPS, DMZ and Firewall Security.
  • Independently execute red team assessments to identify security exposures and to evaluate effectiveness of security controls and response.
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form