Cybersecurity Penetration Tester R&D

Role & responsibilities

▪ Lead engagements from kickoff with product owners through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines.

▪ Minimum 3+ (3-6yrs) years of experience in web and thick client application penetration testing domains.

▪ Expertise in using tools such as Nmap, Wireshark, Burp suite, OWASP Zap, Echo Mirage, and OS such as Kali Linux or similar etc.

▪ Proficiency in dynamic analysis of thick client applications and reverse engineering to uncover the logic and develop exploits.

▪ Strong communication skills and ability to develop detailed PoCs and reports to convey complex technical information to both technical and non-technical stakeholders, train product team and promote security awareness.

▪ Stay up to date on the latest exploits and security trends.

Preferred candidate profile

▪ Candidate must have either of the following certifications from OSCP, OSEP, OSED, SANS GPEN, GXPEN.

▪ Knowledge of programming languages such as C, C++, Java, .Net..

▪ Who have practical pen-test certification . Eg OSCP , OSWE , CREST CRT , CTRE

▪ Knowledge of Windows and Linux OS along with strong understanding of networking principles.

▪ Knowledge of reverse engineering tools, debuggers, and dynamic analysis techniques for thick client applications.

▪ Knowledge of OWASP, NIST, MITRE CWE,CVSS etc.

▪ Ability to learn and adapt quickly.

▪ Knowledge in testing mobile applications (Android and iOS) is not mandatory but good to have.

Candidate must have experience in working with Web and Thick Client Applications.

Perks and benefits