Penetration Tester - Cyber Security (5-7 yrs)

The Role : Cybersecurity Penetration Tester R&D.

Job Description Overview :

- Lead engagements from kickoff with product owners through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines.

- Minimum 4+ (5-7yrs) years of experience in web and thick client application penetration testing domains.

- Expertise in using tools such as Nmap, Wireshark, Burp suite, OWASP Zap, Echo Mirage, and OS such as Kali Linux or similar etc.

- Proficiency in dynamic analysis of thick client applications and reverse engineering to uncover the logic and develop exploits.

- Strong communication skills and ability to develop detailed PoCs and reports to convey complex technical information to both technical and non-technical stakeholders, train product team and promote security awareness.

- Stay up to date on the latest exploits and security trends.

Requirements :

- Candidate must have either of the following certifications from OSCP, OSEP, OSED, SANS GPEN, GXPEN.

- Knowledge of programming languages such as C, C++, Java, .Net.

- Who have practical pen-test certification. e.g OSCP, OSWE, CREST CRT, CTRE.

- Knowledge of Windows and Linux OS along with strong understanding of networking principles.

- Knowledge of reverse engineering tools, debuggers, and dynamic analysis techniques for thick client applications.

- Knowledge of OWASP, NIST, MITRE CWE, CVSS etc.

- Ability to learn and adapt quickly.

- Knowledge in testing mobile applications (Android and iOS) is not mandatory but good to have.

- Candidate must have experience in working with Web and Thick Client Applications.