Cybersecurity Senior Associate

Job Requirements and Preferences:

Basic Qualifications:

Minimum Degree Required:

Bachelor Degree

Minimum Years of Experience:

Two (2) year(s) experience on penetration testing, whether network infrastructure or application penetration testing

Preferred Qualifications:

Preferred Fields of Study:

Information/ Cyber Security, Computer and Information Science, Information Technology

Certification(s) Preferred:

PenTest+, Security+, Network+, Certified Ethical Hacker (C|EH), eLearnsecurity Junior Penetration Tester (eJPT), Offensive Security Certified Professional (OSCP), CREST certifications

Required Skill Set:

• Being well-versed in performing penetration tests, secure design and/or code reviews
• Being skilful in using and interpreting results from common security tools including but not limited to NMap, Nessus, Burp Suite, Drozer, MobSF, QARK, SQLMap, SSLyze and other tools in PenToo or Kali Linux distro.
• Familiarity with industry standard classification schemes such as CVE, CVSS, CWE, CAPEC
• Experience with basic to intermediate working knowledge of Unix, Linux, Windows, network devices, firewalls, web and/or mobile application developments
• Be able to conduct and simulate manual penetration tests
• Willing to develop tools or scripts as necessary so as to create proof-of-concept in challenging engagements
• Possess strong analytical mind in analysing, and verifying findings from security tools
• Possess relentless self-motivation and passion to explore new technologies, learn new penetration testing techniques and tools, circumvent security controls imposed in hardened applications
• Possess good interpersonal communication skills and helping mind in team-oriented environment

Preferred Knowledge/Skills:

• Demonstrates some knowledge and/or proven record of success in the following:
• Understanding Networking and applying Network Principles (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture;
• Applying ISO 27k Frameworks, NIST 800-53, OWASP and Penetration Testing Execution Standards; and,
• Applying vulnerability management and penetration testing of systems, networks and other devices
• Demonstrates some level of ability and/or proven record of success with:
• Working in a shift environment in the assigned shifts, with holidays aligned with client schedules;
• Leading daily huddles, shift handovers, preparing reports or providing inputs for reports as assigned;
• Preparing materials (reports, presentations, spreadsheets, etc.) to help enable informed decision making;
• Acquiring and utilizing knowledge on new technologies and solutions, emerging threats and vulnerabilities;
• Running and analyzing a vulnerability scan as per the client schedules;
• Communicating information regarding the security threat landscape to leadership and clients; and,
• Identifying security threats, exploits, and attack vectors