Cyber Security Analyst - OSCP (4-8 yrs)

Job Description :

Role : Cyber Security Analyst.

Position Title : Cyber Security Analyst.

Experience Required : 4 to 8 years.

Certifications Required : OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker).

Role Overview :

As a Cyber Security Analyst, you will be responsible for simulating cyber-attacks on organization's networks, systems, and applications to identify vulnerabilities before they can be exploited by malicious actors.

You will work closely with security teams to recommend solutions for mitigating discovered risks and improving the overall security posture.

The ideal candidate will have a deep understanding of attack methodologies, tools, and techniques, along with a passion for cybersecurity and ethical hacking.

Key Responsibilities :

Threat Detection and Response :

- Monitor and analyze security alerts to identify potential threats.

- Respond to and mitigate security incidents in real-time.

Vulnerability Management :

- Conduct vulnerability assessments and penetration testing to uncover weaknesses in systems.

- Collaborate with IT teams to implement effective solutions.

Penetration Testing :

- Perform thorough penetration tests on internal and external systems, networks, and applications to identify vulnerabilities and weaknesses.

Reporting :

- Document findings, vulnerabilities, and attack vectors in detailed penetration testing reports.

Exploit Development :

- Develop and test custom exploits for identified vulnerabilities, where necessary, to validate the severity of discovered issues.

Security Infrastructure Management :

- Configure, manage, and optimize firewalls, intrusion detection/prevention systems, and other security tools.

- Regularly review and update security policies and procedures.

Compliance and Risk Management :

- Ensure compliance with relevant security frameworks and standards (e., ISO 27001, GDPR, NIST).

- Conduct risk assessments and recommend mitigating strategies

Training and Awareness :

- Educate internal teams on best practices for cybersecurity.

- Stay updated with the latest trends, tools, and techniques in the cybersecurity landscape.

Required Qualifications and Skills :

- Certifications : OSCP and CEH (mandatory).

- Experience : 4 to 8 years of hands-on experience in cybersecurity roles.

Technical Skills :

- Proficient in penetration testing tools such as Burp Suite, Kali Linux, Metasploit, Nmap, Wireshark, Nessus and others.

- In-depth knowledge of web application security, network security, cloud security, and mobile security.

- Hands-on experience in performing security assessments on various platforms (Linux, Windows, macOS).

- Knowledge of common attack vectors (e., SQL injection, XSS, CSRF, privilege escalation, etc.

- Understanding of secure development practices and DevSecOps methodologies.

- Familiarity with bypassing security mechanisms, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and anti-virus software.

- Experience in writing and exploiting custom scripts or payloads (Python, Bash, PowerShell, etc.

- Expertise in SIEM solutions (e., Splunk, QRadar).

- Strong understanding of network protocols, encryption standards, and cloud security.

Soft Skills :

- Strong analytical and problem-solving abilities.

- Excellent communication and documentation skills.

Preferred Skills :

- Knowledge of scripting languages (e., Python, Bash, PowerShell).

- Experience with forensic tools and techniques.

- Familiarity with DevSecOps practices.

- Familiarity with industry regulations and compliance standards (e., PCI-DSS, GDPR, HIPAA, NIST, ISO 27001).

Why Join Us?

- Opportunity to work on cutting-edge security projects.

- Collaborative and innovative work environment.

- Competitive salary and benefits package.