Job Title:

Penetration Tester / Ethical Hacker

Role Overview:

The Penetration Tester is responsible for assessing the security posture of applications, networks, and systems by simulating real-world attacks. This role involves identifying vulnerabilities, exploiting them ethically, and providing actionable remediation guidance to strengthen security.

Key Responsibilities:

• Perform penetration testing on web applications, APIs, mobile apps, networks, and cloud environments.
• Conduct vulnerability assessments and exploit verification.
• Develop and execute custom attack scenarios to identify weaknesses.
• Document findings and provide detailed remediation recommendations.
• Collaborate with development and security teams to fix identified issues.
• Stay updated on latest exploits, attack techniques, and security tools.
• Assist in red team exercises and advanced threat simulations.
• Ensure compliance with industry standards (OWASP, NIST, PCI-DSS).

Required Skills:

• Strong knowledge of network protocols, operating systems, and application architectures.
• Expertise in penetration testing tools (Burp Suite, Metasploit, Nmap, Nessus, Kali Linux).
• Familiarity with secure coding practices and common vulnerabilities (OWASP Top 10).
• Proficiency in scripting languages (Python, Bash, PowerShell) for automation.
• Understanding of cloud security (AWS, Azure, GCP).
• Knowledge of exploit development and reverse engineering (optional but preferred).

Certifications (Preferred):

• OSCP (Offensive Security Certified Professional)
• CEH (Certified Ethical Hacker)
• CPT (Certified Penetration Tester)
• GWAPT (GIAC Web Application Penetration Tester)

Soft Skills:

• Strong analytical and problem-solving skills.
• Ability to communicate technical findings to non-technical stakeholders.
• Team collaboration and adaptability.