Cyber Testing Director

Role Cyber Testing DirectorWork Location - Bangalore/HyderabadJob Mode Hybrid

Experience Required 16 To 20 Yrs

Job Type - PermanentNotice Period - Immediate to 30 days

Discussion Points & Key Takeaways

• Role & Feedback on Hiring:
• The client has been receiving a high volume of SOC Analyst profiles, but they are not looking for SOC candidates.
• The requirement is for Cybersecurity Consultants who have strong technical expertise and work on a project-based approach, not just ticket resolution.
• The ideal candidate should be highly technical with consulting experience, not just SOC monitoring experience.
• Key Candidate Requirements:
• Certifications: OSCP, OSWE, CWEE, and Burp Suite Certified Professional (BSCP) are preferred. CEH is not a differentiator as it is considered easy to obtain.
• GitHub Presence: Candidates with an active GitHub showcasing their tools and contributions are preferred.
• CVE Publications: While not mandatory, candidates who have identified and reported vulnerabilities (CVE numbers) will have an advantage.
• Conference Participation: Candidates who have presented at cybersecurity conferences (e.g., Nullcon) are preferred, as this demonstrates their passion and expertise.
• Recent Experience: Candidates should have recent and relevant hands-on experience in Penetration Testing (Pen Testing) - not just experience from years ago.
• Cloud Expertise: AWS and Azure cloud security experience is highly desirable.
• Job Stability: Frequent job hoppers (changing jobs every year) will not be considered.
• Preferred Candidate Profile:
• Strong technical hands-on expertise rather than managerial experience.
• Team leads with technical experience are preferred over managers handling large teams.
• Not limited to Big 4 candidatestalented candidates from other backgrounds will also be considered.
• Next Steps & Sourcing Strategy:
• The recruiting team should focus on consultants rather than SOC Analysts.
• Utilize GitHub, CVE databases, and cybersecurity conferences to source top-tier talent.
• Reference security conferences like Nullcon for potential candidates: Top Cybersecurity Conferences in India 2025
• Ensure candidates align with technical skill expectations and recent offensive security experience before submission.
  

Action Items

The recruiting team to focus sourcing efforts on highly technical candidates with relevant certifications and hands-on experience.Avoid SOC Analyst profiles unless they have

consulting experience

and

strong pen-testing expertise

.Prioritize candidates with

GitHub activity, CVE publications, and conference participation

.Ensure candidates have

relevant and recent experience

in

offensive security/penetration testing

.Identify potential candidates from cybersecurity

conferences and GitHub repositories

.This structured approach will help identify

highly skilled cybersecurity professionals

aligned with the client's expectations.