CyberSecurity Engineer/Penetration tester

As a Security Analyst you will be performing security penetration testing on applications and IT infrastructure. Apart from this, you will be working in the Security Operations Center handling complex security incidents and ensure that appropriate countermeasures are taken in a timely manner.

Roles and Responsibilities

    Execute engagements in application security assessments, infrastructure security Penetration Testing, and Vulnerability Assessment on IT infrastructure.
    Profile an application, identifying threats, and developing test cases to different targets identified threats.
    Identify and exploit vulnerabilities in applications and infrastructure.
    Prepare reports documenting identified issues..
    Identify potential vulnerabilities based on misconfiguration, policy, or design flaws on the organization's IT applications and infrastructure.
    Perform validation on Responsible Disclosures and provide remediation recommendations to business and development teams to mitigate vulnerabilities.
    Apart from these responsibilities, the analyst will be working on various technologies in the Security Operations Center like Endpoint Detection and Response, SIEM solutions, threat intelligence etc.

Desired Technical Experience

    A minimum of around 1 year of experience in security penetration testing.
    Experience on security testing using frameworks like Metasploit and any similar
    Profiling applications, identifying threats, developing test cases and relevant threat models.
    Experience in exploitation of vulnerabilities in applications, networks and IT infrastructure.
    Experience with tools like Bloodhound, ADFind, ADRecon, Impacket (secretsdump, wmiexec, smbclient etc), Empire, Covenant, Socks4/Socks5 Proxies, 3Proxy, Chisel, plink, putty, nmap, massscan, CrapMapExec.
    Experience with PowerShell, Group Policy Scripts, Powershell Automation, Python Scripts.
    Experience on research of emerging security topics and new attack vectors.
    Knowledge on technologies like IPSEC, SSL, SSH, VPN, DNS, SMTP, FTP.

Application procedure:

    You will have two interviews with colleagues
    During these interviews we will discuss 1 or 2 cases to discuss your affinity and knowledge of ethical hacking and to see how you effectively solve problems
    After the two interviews you will discuss the employment conditions with HR