Talent.com
This job offer is not available in your country.
Penetration Tester - Threat Hunting

Penetration Tester - Threat Hunting

Awign Enterprise Pvt ltdHyderabad
30+ days ago
Job description

Job Responsibilities : ( General Shift & Uk shift), 5days work from Office, Cab facility is there.

  • Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques.
  • Application Penetration Testing (Browser-based, API, Mobile, IoT)
  • Threat Modeling
  • Source Code Review
  • Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications.
  • Perform red team exercises to determine where weaknesses in the clients infrastructure and how it should be remediated.
  • Organizing and delivering technical security operational briefings for both technical and non technical audiences.
  • Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics
  • Dynamic application security testing (DAST) scans on the identified targets without credentials.
  • Perform credentialed DAST scans on known client URLs.
  • Conduct research to identify new attack vectors.
  • Review and provide feedback for all Security Artifacts.
  • Play a critical role in building an AppSec program that has a wide scope and impact.
  • Researching Open source emerging technologies, developing required frameworks and capabilities to perform red team exercises on new technologies adopted by clients.
  • Preparing and delivering clear, accurate, and concise written and oral technical reports for

management.

Job specifications : 1. Qualification :

  • Bachelors degree in Engineering or closely related coursework in technology development disciplines
  • Certifications like OSCP, CEH, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN

    • 2. Experience :

    Total Experience : 5+ years

    3. Desired Skills : and Experience :

  • Offensive Security Certified Professional (OSCP) and / or Offensive Security Certified Expert (OSCE).
  • A thorough understanding of the Secure Development Life Cycle
  • Have comprehensive knowledge of common vulnerabilities (e.g., OWASP Top 10), diverse

    • application attack vectors, security testing processes, and both wired and wireless network security protocols.

  • Have familiarity with common threat tactics and tools (Nmap, Metasploit, Kali Linux, Burp Suite Pro, CobaltStrike, App detective, Web Inspect, etc.).
  • Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g. AWS, GCP, etc.) .
  • Mobile platform penetration testing tradecraft and methodologies across widely-used

    • platforms (iOS and / or testing :

    Ability to find and exploit bugs in :

  • C++, Java, JavaScript, Go, and Python
  • Kubernetes, AWS, GCP, or Azure
  • Memory management, namespaces, cgroups, etc.
  • Passion for writing code to solve problems combined with an interest in Offensive Security.
  • Ability to demonstrate a strong background in one of the following languages : Golang,

    • Python, Java, JavaScript, C++, C

    Personal Attributes :

  • Self-starter and quick learner requiring minimal ramp-up
  • Excellent analytical, written, oral, and interpersonal communication skills
  • Highly self-motivated, self-directed, and attentive to detail
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Strong communications skills to comfortably work cross-functionally across the organization.

    • (ref : hirist.tech)

    Create a job alert for this search

    Penetration Tester • Hyderabad