Knowledge, Skills, and Abilities:

• Strong analytical and problem-solving skills.
• Proficiency in penetration testing tools (e.g., Burp Suite, Metasploit, Nmap, Cobalt Strike, OWASP ZAP).
• Knowledge of network protocols, operating systems (Windows, Linux), and Active Directory security.
• Experience with exploitation techniques, privilege escalation, and lateral movement.
• Familiarity with MITRE ATT&CK, PTES, OWASP, and other security frameworks.
• Strong report writing and communication skills, with the ability to present findings to diverse audiences.
• Some scripting experience (Python, Bash, PowerShell, or Ruby) for automation and exploit development.

Education or Formal Training:

• Bachelor’s degree in cybersecurity, computer science, or a related field (or equivalent experience).

Experience:

• 3-7 years of hands-on experience in penetration testing, red teaming, or offensive security.
• Prior experience in consulting or client-facing security roles is preferred.

Additional Requirements/Licenses/Certifications:

• Security certifications such as CREST, OSCP, GPEN, GWAPT, or CRTO preferred.
• Ability to obtain advanced certifications (e.g., OSWE, OSEP, GXPN) within 12-18 months of employment.