About the Role
We are looking for a skilled and highly motivated Penetration Tester to join our Information Security team.
The Penetration Tester will be responsible for identifying and exploiting vulnerabilities in our systems, networks, and applications to enhance the organization's security posture.
The ideal candidate will have a strong technical background in ethical hacking, vulnerability assessment, and security testing methodologies
Key Responsibilities
Vulnerability Assessment and Exploitation:
Conduct comprehensive offensive penetration testing on network infrastructure, web applications, mobile applications, and other digital assets.
Identify, analyze, and exploit security vulnerabilities using advanced tools and techniques.
Perform manual testing to complement automated tools and identify complex vulnerabilities.
Reporting and Documentation:
Document findings in detailed, clear, and concise penetration testing reports.
Provide actionable recommendations to mitigate identified vulnerabilities
Communicate findings and recommendations to technical and non-technical stakeholders
Security Tools and Methodologies:
Utilize a variety of penetration testing tools such as Burp Suite, Metasploit, Nessus, Nmap, and others.
Develop custom scripts and tools to assist in testing efforts.
Stay updated on the latest security vulnerabilities, tools, and methodologies.
Collaboration and Support:
Work closely with the security operations, development, and IT teams to address security issues..
Participate in red team/blue team exercises to improve overall security posture..
Provide support and guidance to junior penetration testers and security analysts
Compliance and Standards:
Ensure penetration testing activities comply with relevant regulations and standards such as PCI-DSS, ISO 27001, etc.
Contribute to the development and maintenance of security policies and procedures
Skills and Qualifications
A Bachelor's degree in Computer Science, Information Security, Computer Engineering ora related degree
Possesses relevant certifications, such as OSCP, CEH, GPEN, or CISSP, is required.
Minimum of 3 years of experience in penetration testing, ethical hacking, or a related field
Proven track record of identifying and exploiting vulnerabilities in diverse environments.
In-depth knowledge of network and application security principles.
Proficiency with penetration testing tools and methodologies.
Strong understanding of common vulnerabilities and exploitation techniques.
Experience with scripting and programming languages such as Python, Ruby, Bash, or PowerShell
Excellent analytical and problem-solving skills
Strong communication and reporting skills.
Ability to work independently and as part of a team.