Cyber Security Engineer | Vulnerability Management
Responsibilities
• Actively participate in security testing of web and mobile applications.
• Conduct thorough penetration tests on applications, systems, and networks to identify vulnerabilities.
• Support the internal and/or customer development team in the preparation, formalization, implementation and verification of security requirements following a "Security by Design" principle.
• Develop and execute hands-on DevSecOps programs, including penetration testing, automation, static/dynamic code analysis, threat modeling, and developer training.
• Ability to think like an attacker.
• Conduct secure design reviews and contribute to threat modeling exercises.
• Prepare reports at both technical and executive level, providing recommendations to a heterogeneous audience.
• Plan, lead and execute projects, including team management.
• Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices.
• Engage in continuous learning and research to improve your skills and contribute to the team's knowledge base.
Requirements
• Minimum 2 years of consulting experience in Red Teaming/Pentesting and possession of industry-recognised certifications (e.g., CISSP, OSCP, CRT, CREST, CRTP).
• Experienced and well versed in security testing domains, for example red teaming, web/network/mobile/cloud/thick client vulnerability assessments and penetration testing.
• Proven experience in implementing proactive security solutions and integrating security into the software development lifecycle (SDLC).
• Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques.
• Familiarity with programming languages (e.g., Python, Bash, C#, or JavaScript).
• Hands-on experience securing cloud infrastructure and familiarity with containerization technologies (Kubernetes, Docker).
(ref:hirist.tech)