Similar Jobs

Main Responsibilities:

1. Conducting vulnerability assessments and penetration testing to identify security weaknesses across infrastructure and applications. 
2. Perform offensive security activities, including red teaming exercises, to simulate real-world cyber-attacks and evaluate the effectiveness of defensive measures. 
3. Knowledge of current attack methods, manual penetration testing techniques, tools (e.g., Nessus, Nmap, Metasploit, Kali Linux, Sonar, Burp Suite etc.). 
4. Staying current with new attack vectors and tools, and incorporating them into testing procedures 
5. Work closely with the cross-domain teams to resolve security issues and suggest appropriate fixes.  
6. Documenting and reporting findings, including recommendations for remediation and liaising with internal stakeholders for closure. 
7. In-depth knowledge of OWASP Top 10 and OWASP API Top 10 security concepts, along with common application security risks. 
8. Perform in-depth manual and automated static secure code analysis with open-source and commercial tools. 
9. Automate common testing techniques to improve efficiency and write technical and executive reports. 
10. Any other related duty assigned by the Line Manager/HOD Information Security.  

Qualification, Experience and Skills:  

• 0-3 years of experience in cybersecurity specific to vulnerability assessment & penetration testing.  
• Bachelor’s degree in engineering/ information security/ cybersecurity/ computer science-related field required.  
• Knowledge and understanding of common information security management frameworks, such as ISO/IEC 27001, NIST, OWASP, and other standards & practices. 
• In-depth knowledge of application security principles, including common vulnerabilities such as OWASP Top 10, and ASVS. 
• Experience conducting vulnerability assessments and penetration tests using industry-standard tools and methodologies, such as Sonar, Burp Suite, Metasploit, Nmap, and Nessus. 
• Strong understanding of cryptographic principles and encryption algorithms, as well as secure communication protocols such as HTTPS. 
• Ability to interpret and analyze application source code, configuration files, and network traffic logs to identify security issues and recommend remediation strategies. 
• Excellent communication and interpersonal skills, with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders. 
• Strong analytical and problem-solving skills. 
• Ability to work effectively in a fast-paced, project-oriented environment. 

Skills:

Communication Skills, Nmap, Nessus, OWASP, Cyber Defense, Cyber Security,