Penetration Tester - Offensive Security

Tasks

• Conduct OT ICS SCADA security testing
• Conduct red team engagements
• Conduct social engineering campaigns
• Contribute to scoping and estimation
• Deliver client deliverables
• Deliver findings briefings
• Develop custom tooling
• Develop scripts
• Document findings
• Emulate adversaries
• Execute internal pivoting
• Execute lateral movement
• Execute penetration tests
• Handle evidence safely
• Improve detection and response
• Maintain engagement hygiene
• Perform assumed breach assessments
• Perform cloud configuration reviews
• Perform privilege escalation
• Plan penetration tests
• Scope penetration tests
• Support purple team exercises

Perks/Benefits

• Certification sponsorship
• Compliance and training support
• Conference participation
• Dedicated research time
• Hybrid work
• Lab budget
• On site client locations

Skills/Tech-stack

ADCS Abuse | AMSI Bypass | API Security | AS REP Roasting | AWS | Active Directory | Adversary Emulation | Application Security | Azure | Azure Entra | Azure Entra ID | Bash | BloodHound | BloodHound Pathing | Burp Suite | C Sharp | C2 frameworks | CIS Benchmarks | CSA CCM | CVE | CVSS | Cloud Security | Cloudflare Access | Cobalt Strike | Conditional Access | CrackMapExec | EDR evasion | Entra Conditional Access | Entra ID | GCP | Go | ICS Security | Identity Aware Perimeter | Impacket | Kerberoasting | MITRE TTPs | Metasploit | Mimikatz | Mitre Attack | Mobile Security | Mythic | NIST SP | NIST SP 800 | NIST SP 800-115 | NTLM Relay | Nessus | Netexec | Network Security | Nmap | Nuclei | OSSTMM | OT Security | OWASP ASVS | OWASP WSTG | PTES | Pass the PRT | Pass-the-Hash | Penetration Testing | Powershell | Purple Team | Purple Team Metrics | Purple Team exercises | Purple Teaming | Python | Red Teaming | Responder) | SCADA Security | SP 800-115 | Sliver | Team exercises | Team metrics | Web Application | Web application security | Windows Security | Wireless Security | ZTNA | Zscaler