Description
Key Responsibilities:Conduct advanced penetration testing on web applications, networks, and systems to identify vulnerabilities.Simulate sophisticated cyberattacks using tools and custom scripts to exploit weaknesses.Develop and deploy custom tools, scripts, and exploits to test system resilience.Collaborate with development and IT teams to remediate vulnerabilities and improve security.Stay up-to-date with the latest attack vectors, vulnerabilities, and penetration testing methodologies.Write detailed reports documenting findings, risks, and remediation recommendations.Mentor junior team members and share knowledge on advanced hacking techniques.Participate in red team/blue team exercises and incident response activities.Required Skills and Qualifications:Technical Expertise:Expert in C++, C#, PowerShell, and other scripting/programming languages.Strong knowledge of penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Wireshark).Experience with reverse engineering, exploit development, and vulnerability research.Familiarity with operating systems (Windows, Linux, macOS) and their security mechanisms.Understanding of network protocols, firewalls, and intrusion detection/prevention systems.Knowledge of cloud security (AWS, Azure, GCP) and containerization (Docker, Kubernetes).Experience:5+ years of experience in penetration testing, ethical hacking, or red teaming.Proven track record of identifying and exploiting critical vulnerabilities.Experience with web application security (OWASP Top 10, API security, etc.).Hands-on experience with malware analysis and forensic tools is a plus.Certifications (Preferred):OSCP (Offensive Security Certified Professional)OSCE (Offensive Security Certified Expert)CEH (Certified Ethical Hacker)GPEN (GIAC Penetration Tester)CISSP (Certified Information Systems Security Professional)Soft Skills:Strong problem-solving and analytical skills.Excellent communication skills, with the ability to explain technical findings to non-technical stakeholders.A proactive and self-driven mindset with a passion for cybersecurity.Nice-to-Have Skills:Experience with mobile application security (iOS/Android).Knowledge of blockchain and smart contract security.Familiarity with AI/ML security challenges.Contributions to open-source security projects or bug bounty programs.