Overview:
• Lead engagements from kickoff with product owners through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines.
• Minimum 3+ years of experience in product penetration testing.
• 3+ years of experience in web, mobile (Both Android & iOS) and thick client penetration testing domains.
(Recommended to have expertise in more than 1 domain)
• Perform exploit and vulnerability research on Schneider electric products.
• Knowledge of TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred.
• Knowledge of at least one scripting language such as python, shell script, ruby, javascript etc.
• Research fuzz testing tools and conduct penetration test on a variety of Schneider Electric products via communication interfaces such as Modbus, Wi-Fi, Bluetooth, and others.
• Ability to develop detailed PoCs, train product team and promote security awareness.
• Stay up to date on the latest exploits and security trends.
Requirements
• Bachelor's Degree in a related Cybersecurity/IT/Computer Science field.
• OSCP, OSCE, SANS GPEN, GXPEN, CRTE, CPSA, CRT or CEH certification is must. (Any one Skill Certification)
• Good understanding of emerging technologies such as IoT and 5G
• Knowledge of programming languages such as C, C++, Java, .Net or Javascript.
• Ability to learn and adapt quickly
• Knowledge of Windows and Linux, basic security, and networking principles.
• Knowledge of reverse engineering tools, debuggers, and dynamic analysis techniques.
• Knowledge of OWASP, NIST, MITRE CWE etc.
One or more of the following may serve as a distinct advantage (not strictly required):
• Hardware debugging skills
• Familiarity with testing embedded devices, OT/IoT protocols.
• Basic reverse engineering skills (Familiarity with IDA Free, Ghidra, etc.)
• Basics of ARM exploitation.
• Good in exploit writing
--
You must verify your mobile number to apply to this job.