Staff SecOps Consultant - Afternoon Shift

Karachi, Lahore, Islamabad, Sindh

10Pearls

10Pearls | The leading IT, Software, Web, App, and Emerging Technologies Services & Solutions | Enabling & Transforming Digitally Fortune 500 Clients Worldwide

View all jobs at 10Pearls

Apply now Apply later

Company Overview

10Pearls is an end-to-end digital technology services partner helping businesses utilize technology as a competitive advantage. We help our customers digitalize their existing business, build innovative new products, and augment their existing teams with high-performance team members. Our broad expertise in product management, user experience/design, cloud architecture, software development, data insights and intelligence, cybersecurity, emerging tech, and quality assurance ensures that we are delivering solutions that address business needs. 10Pearls is proud to have a diverse clientele including large enterprises, SMBs, and high-growth startups. We work with clients across industries, including healthcare/life sciences, education, energy, communications/media, financial services, and hi-tech. Our many long-term, successful partnerships are built upon trust, integrity, and successful delivery and execution.

Role

We are looking for a Staff SecOps Engineer, Ideal candidate should have experience or exposure to penetration testing tools such as Metasploit, Burp Suite, Nmap, Maltego, MOBSF, FRIDA, cydia etc.

Responsibilities

  • Plan and create penetration testing methods, scripts and tests 
  • Experience in security operation center tools like SIEM, Splunk, Wazuh etc.
  • Should be familiar with multiple SAST,DAST & SCA tools
  • Think critically about complex problems and situations. 
  • Consider emerging vulnerabilities and threats from within the context of organizational risk and business impact(s).
  • Develop novel attack vectors based on newly discovered vulnerabilities.
  • Develop home-grown software solutions and utilities for computer network attack (CNA) and computer network defense (CND).
  • Apply industry standards and best practices including the Penetration Testing Execution Standard (PTES) and the Mitre Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework.  Experience in information security audits, risk assessments and compliance procedures.
  • Carry out black box and white box penetration testing of client’s network, infrastructure to expose weaknesses in security.
  • Able to hack into web applications that are vulnerable to attacks. Specially OWASP top 10 and CWE top 25 vulnerabilities
  •  Advance level knowledge of mobile application penetration testing specially using FRIDA, DROZER and XPOSED framework.
  •  Advance level knowledge of API testing. Good command in request interception of REST & SOAP APIs. • Able to perform chained attacks, privilege escalation, and lateral movement
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: APIs Audits Black box Burp Suite Cloud CND Compliance DAST Metasploit Nmap OWASP Pentesting Risk assessment SAST SecOps SIEM Splunk Vulnerabilities White box

Perks/benefits: Startup environment

Region: Asia/Pacific
Country: Pakistan

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.