Key Responsibilities

• Plan, and conduct penetration tests scenarios on:
• Web applications, Database.
• Internal and external networks
• IoT devices (if applicable)
• Engage with security engineers in validating/ensuring a proper secure network
• Document and present detailed findings, technical risks, and remediation plans.
• Work with infrastructure teams to validate and fix vulnerabilities.
• Proactively search for new exploits, attacks, and security trends.
• Real Hands on to tools, scripts, and methodologies to improve testing capabilities.
• Assist in regulatory compliance testing (e.g., PCI-DSS, ISO 27001, HIPPA) as needed.

Required Skills & Experience

• 3-5 years of experience in penetration testing, offensive security, or red teaming
• Good understanding of:

+ OWASP Top 10, SANS Top 25, CVSS scoring

+ Network protocols (TCP/IP, DNS, HTTP, etc.)

+ Exploitation techniques, privilege escalation, lateral movement

+ Evasion and obfuscation techniques

• Experience with tools like Burp Suite, Metasploit, Cobalt Strike, Nmap, Nessus, Wireshark, Kali Linux, etc.
• Strong scripting or coding ability in Python, Bash, PowerShell, or similar
• Excellent report writing and verbal communication skills
• Offensive Security certifications strongly preferred: OSCP, OSCE, OSEP, CRTO, GXPN, GPEN, CEH
• Preferred to have Knowledge of regulatory requirements (PCI, HIPAA, GDPR, etc.)