Job
Description
We are looking to hire a Cyber Security Engineer with strong analytical skills and a comprehensive understanding of cybersecurity principles. The ideal candidate will have hands-on experience in web application, network security and hardware security with the ability to identify vulnerabilities, execute penetration tests, and recommend effective mitigations. The role requires an individual who is detail-oriented, able to work under pressure, and capable of delivering results within tight deadlines. Responsibilities: Conduct web application penetration testing using established methodologies (e.g., OWASP). Perform network penetration testing and identify system-level vulnerabilities. Conduct hardware-level security assessments and penetration tests on embedded systems, PCBs, SoCs, firmware, and IoT devices. Perform side-channel analysis, fault injection, and reverse engineering of hardware and firmware. Analyze firmware images for vulnerabilities using both static and dynamic methods. Analyse existing security measures and recommend improvements. Document findings, provide detailed risk assessments, and deliver remediation strategies. Advise on and implement security best practices across applications and infrastructure. Collaborate with development and infrastructure teams to ensure secure design and implementation. Stay current with evolving threats, vulnerabilities, and mitigation techniques. If experienced, conduct mobile application penetration testing (preferred, not mandatory). Requirements: A degree in computer science, IT, systems engineering, or related qualification. Core experience and profound knowledge in application and infrastructure security testing. Strong understanding and hands on experience on application and infrastructure vulnerabilities, automated/manual testing, auditing and remediation techniques. Strong understanding of OWASP Threats classification Experience with standard security tools such as Metasploit, SQLMap, Nmap, OWASP ZAP, Burp Suite etc. Experience with network/infrastructure vulnerability assessment tools such as Nessus, Qualys etc. Experience with establishing penetration testing procedures and processes. Proficiency in any one of the scripting languages like Python, C++, Java, Ruby, Node, Go, and/or Power Shell Ability to work under pressure in a fast-paced environment. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Great awareness of cybersecurity trends and hacking techniques. Good to have: Understanding of server and client-side application development. Experience with performing code review, wireless and firewall assessments. Experience in evasion techniques to bypass firewalls and intrusion detection systems. Experience with Mobile Application Penetration testing, APIs etc. Knowledge in Application Architecture Review, Threat Modelling concepts Security Certifications: OSCP, OSEE, OSCE etc.
