Penetration Tester

• Conduct Penetration Tests: Perform comprehensive penetration testing on AI models, APIs, cloud infrastructures, and associated systems to uncover security weaknesses.
• AI-Specific Threat Analysis: Identify and assess vulnerabilities unique to AI systems, including model inversion, data poisoning, and adversarial attacks.
• Tool Development: Create and maintain custom scripts and tools to automate testing processes and improve efficiency.
• Reporting: Document findings in detailed reports, providing actionable recommendations to mitigate identified risks.
• Collaboration: Work closely with development, data science, and DevOps teams to integrate security best practices throughout the AI product lifecycle.
• Stay Updated: Keep abreast of the latest cybersecurity threats, penetration testing techniques, and AI security research.

• Penetration Testing Tools: Proficiency with tools like Kali Linux, Burp Suite, Metasploit, Nmap, and Wireshark.
• Programming and Scripting: Strong skills in Python, Bash, or PowerShell for automating tasks and developing custom testing tools.
• Networking and Protocols: In-depth understanding of TCP/IP, DNS, HTTP/HTTPS, and other networking protocols.
• Operating Systems: Experience with Windows, Linux, and macOS environments.
• Cloud Security: Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and their security configurations.
• AI and Machine Learning: Basic understanding of machine learning frameworks (e.g., TensorFlow, PyTorch) and AI model architectures.

• Demonstrated ability to assess complex systems and identify potential vulnerabilities.
• Creative approach to overcoming obstacles and finding effective solutions.
• Strong verbal and written communication skills to convey findings to technical and non-technical stakeholders.
• Commitment to ethical hacking practices and adherence to legal standards.
• Willingness to learn and adapt to evolving cybersecurity landscapes.

• Advanced Threat Analysis: Experience in identifying and mitigating sophisticated cyber threats.
• Social Engineering: Knowledge of social engineering tactics and their application in penetration testing.
• Security Frameworks: Familiarity with OWASP, NIST, and ISO/IEC 27001 standards.
• Secure Coding Practices: Understanding of secure coding standards and the ability to perform code reviews.

• Experience in leading security projects or mentoring junior team members.
• Ability to work effectively in multidisciplinary teams.
• Proactive in acquiring new knowledge and staying updated with industry trends.

• Master’s or Bachelor’s in Engineering with specialization in Computer Science or Artificial Intelligence or Information Technology or a related field.
• Demonstrated expertise with a minimum of four years in relevant roles.
• This role offers the flexibility of working remotely in India.

LeewayHertz is an equal opportunity employer and does not discriminate based on race, color, religion, sex, age, disability, national origin, sexual orientation, gender identity, or any other protected status. We encourage a diverse range of applicants.