Pen tester

Role: Network Pen Tester

Location : Remote

Responsibilities: 

- MANDATORY SKILLS: ASSOCIATE SHOULD BE CURRENTLY ACTIVELY WORKING IN PEN TESTING ROLES

- MANDATORY SKILLS: PREVIOUS ASSIGNMENT ALSO SHOULD BE FOCUSED ON PEN TESTING AS PRIMARY HARD CORE SKILL SET V/S WORKING ON ONLY ASSOCIATE ACTIVITIES AS COLLETERAL DUTIES

- MANDATORY SKILLS: ASSOCIATE SHOULD BE EXPERT IN PEN TESTING, AS BASIC KNOW-HOW OR WORKING AS SIDE ACTIVITY WILL NOT SUFFICE FOR THIS ROLE

- Perform offensive security testing of applications, both manual and automated.

- Perform network security testing for networks, infrastructure, and servers.

- Guides the strategy, approach and development of robust security & risk controls verification techniques and capabilities, which will be aligned to our controls requirements frameworks and objectives defined by the Security & Threat Solutions Strategy team. 

- Provide remediation guidance to the impacted solution or network owners.

- Support the risk assessment processes by weighing in as technical security SMEs.

Qualifications: 

- 5 years of experience penetration testing applications

- 3 years penetration testing networks

- Strong capabilities in identifying and exploiting web vulnerabilities, especially the OWASP top 10

- Scripting experience in Bash, Java, .Net, Python or Ruby

- Experience finding vulnerabilities in both off-the-shelf and open-source components

- Experience testing web applications & thick applications

- Strong understanding of network protocols, routing, firewalls, and network security technologies.

- Experience in exploitation, Firewall bypasses, antivirus evasion

- Ability to communicate with stakeholders at multiple levels, including remediation for vulnerabilities identified.

- Ability to write clear reports on solutions or networks tested

- Secure code review experience is preferred

- OSCP/OSWE preferred 

- Experience with secure development and security features required by cloud infrastructure is preferred

- Clear understanding of the challenges offered by information security, privacy, and compliance

- Strong working knowledge of structured security guidelines Generic Skills: 

- Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations 

- Works well under pressure and within time/budget constraints to solve problems or meet objectives - Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines 

- Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change