Previous working experience as a Penetration Testing Expert for 5 year(s)
BA in Computer Information Systems, Management Information Systems or similar relevant field
In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Ruby, Perl, Python, PowerShell)
Hands on experience with testing frameworks such as the PTES and OWASP.
Hands on experience in performing Pen testing, Threat Modelling, Attack Modelling and Risk Modelling.
Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as Salesforce, AWS, Azure, or Google Cloud
Critical thinker and problem solver
Excellent organizational and time management skills
Minimum 7+ Years of Relevant Experience in IT Security/Pen Testing.
Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
Develop and maintain security testing plans which has all key components on Data security, Data Loss and Prevention, Authentication, Authorization, Access Controls etc.
Automate penetration and other security testing on networks, systems and applications
Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk using industry standard risk models DREAD etc.
Produce actionable, threat-based, reports on security testing results
Define tools and solutions both Proactive and Reactive identification of risk across system and Applications ( DAST, SAST and other industry standard tools)
Act as a source of direction, training, and guidance for less experienced staff
Mentor and coach other IT security staff to provide guidance and expertise in their growth
Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators
Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests
Foster and maintain relationships with key stakeholders and business partners
--
You must verify your mobile number to apply to this job.