Penetration Tester

Duties and Responsibilities:

o Looking atleast 8+ Years of experience in Penetration Testing.

o Conduct penetration tests on a wide range of digital products, including networks, web, and mobile applications, to identify vulnerabilities and security weaknesses.

o Collaborate with internal product teams to understand their set-ups, goals, and constraints.

o Effectively communicate findings and solutions to technical and non-technical stakeholders.

o Prepare detailed and clear reports documenting findings, reproduce steps, and recommended remediation steps, ensuring the internal product teams understand the security implications.

o Work with cross-functional teams, including security engineers and developers to help them to implement security measures and resolve identified vulnerabilities.

o When your schedule is constrained, coordinate, and manage penetration tests with third-party vendors, ensuring high-quality and timely delivery.

o Contribute to the development and improvement of our testing methodologies, processes, and tools.

o Stay up to date with the latest threats, vulnerabilities, and exploits and develop new testing techniques as necessary.

o Conduct security tests based on products security requirements.

Qualifications:

o Bachelor’s degree in computer science/engineering, information security, or a related field.

o Proven experience in penetration testing, vulnerability assessment, and security testing with a minimum of 8 years in a similar role.

o Proven track record of conducting successful penetration tests for a variety of organizations and industries.

o Industry-recognized certifications such as Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN) certifications, or similar qualifications are highly desirable.

o Demonstrated experience in vulnerability research (e.g., CVEs) is a plus.

o Experience in designing, developing, and executing customized penetration testing methodologies.

o Familiarity with various tools and frameworks used in penetration testing, such as Metasploit, Burp Suite, Nessus, Nmap etc.

o Strong knowledge of operating systems (Windows, Linux, and mobile platforms), databases, and web technologies.

o A deep understanding of common security protocols and technologies, including firewalls, intrusion detection/prevention systems, SSL/TLS.

o Programming skills and experience with languages such as Bash, Python, and PowerShell

o The ability to provide clear, comprehensive, and actionable reports on penetration test findings, including recommendations for remediation.

o Exceptional written and verbal communication skills to effectively convey technical information to both technical and non-technical stakeholders.