Senior Penetration Tester

• Perform penetration testing which includes internet, intranet, web application, wireless,
social engineering, physical penetration testing.
• Execute penetration testing projects using the established methodology, tools and rules of
engagements.
• Execute red team assessments to highlight gaps impacting organizations security postures.
• Identify and exploit security vulnerabilities in a wide array of systems in a variety of
situations.
• Perform in-depth analysis of penetration testing results and create report that describes
findings, exploitation procedures, risks and recommendations.
• Convey complex technical security concepts to technical and non-technical audiences
including executives.
• Strong knowledge of OWASP Top 10 web and the ability to effectively communicate
methodologies and techniques with development teams
• Understanding and experience with Active Directory attacks.
• Understanding of TCP/IP network protocols.
• Develop automated solutions that mitigate risks throughout the organization.
• Ability to automate DAST/SAST solutions and reporting
• Support SDLC and agile environments with application security testing and source code
reviews.
• Provide technical leadership and advise to junior team members on attack and penetration
test engagements.

Qualification
• Understanding of web-based application vulnerabilities (OWASP Top 10).
• Good understanding of enterprise security controls in Active Directory / Windows
environments
• Understanding of TCP/IP network protocols.
• Understanding of network security and popular attacks vectors.
• Ability to communicate detailed technical information to a non-technical audience clearly
• Experience with Operation Technology / Internet of Things, Cloud technologies (AWS,
Azure, GCP), Active Directory and 802.1x penetration testing
• Strong understanding of security principles, policies, and industry best practices
• Demonstrable flair for technical writing, including engagement reports, presentations and
operating procedures

To qualify for the role, you must have
• BE/ B.Tech/ MCA or equivalent
• Minimum of 2 years of work experience in penetration testing which may include at least
three of the following: internet, intranet, web application penetration tests, wireless, social
engineering, physical and Red Team assessments.
• Knowledge of Windows, Linux, UNIX, any other major operating systems.
• Strong Excel and PowerPoint skills.

Ideally, you’ll also have
• Project management skills
• Certifications: CISSP, GPEN, GWAPT.
• One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or
eWPTX