Consultant

We are seeking an experienced Security Pentester with 5 years of expertise to join our team. The successful candidate will be responsible for identifying and mitigating security vulnerabilities across various systems, applications, and networks. This role requires a deep understanding of security principles, excellent problem-solving skills, and the ability to work collaboratively with different teams.

• Conduct comprehensive penetration tests to uncover security weaknesses in web applications, networks, and other systems.
• Perform detailed vulnerability assessments and provide actionable recommendations for remediation.
• Develop and execute thorough test plans to ensure all potential vulnerabilities are identified and addressed.
• Collaborate with cross-functional teams, including IT, development, and operations, to remediate identified vulnerabilities and improve overall security posture.
• Document and report findings, including risk assessments and mitigation strategies, to stakeholders.
• Stay up-to-date with the latest security trends, vulnerabilities, and technologies to ensure the organization remains protected against emerging threats.

Qualifications:

• Strong understanding of common security vulnerabilities and mitigation techniques, including OWASP Top Ten, SANS/CWE Top 25, and others.
• Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and others.
• Experience with scripting languages such as Python, Bash, or PowerShell to automate tasks and develop custom testing tools.
• Relevant certifications such as OSCP (Offensive Security Certified Professional) or CEH (Certified Ethical Hacker) are highly desirable.
• Familiarity with secure coding practices and the ability to review and analyze code for security vulnerabilities.
• Knowledge of network protocols, operating systems, and security architectures.

Skills:

• Excellent analytical and problem-solving abilities to identify and address complex security issues.
• Strong communication and teamwork skills to effectively collaborate with various teams and stakeholders.
• Ability to work independently and manage multiple tasks and projects simultaneously.
• Attention to detail and a commitment to delivering high-quality work.

Preferred Experience:

• Experience with cloud security and familiarity with platforms such as Azure, AWS or Google Cloud.
• Knowledge of regulatory requirements and industry standards such as GDPR, HIPAA, PCI-DSS, and others.
• Experience with security assessment methodologies and frameworks such as ISO 27001, NIST, CIS and others.