Job Description

Minimum requirements

• Minimum of 4 years hands on experience in penetration testing and red teaming
• Experience with tools such as Burp Suite, Checkmarx, Cobalt Strike and Metasploit
• Knowledge of programming languages, Android, iOS and Huawei
• Demonstrated track record of applying technical knowledge to help improve security
• Ability to adapt and take on new tasks and challenges
• Ability to script and automate processes
• Relevant qualifications and certifications such as OSCP, OSWE, SANS and CREST

Duties:

• Hacking the planet get your hands dirty and pull apart code, whether it is application, mobile, platform, container or on-premise or cloud infrastructure - and look for bugs.
• Coordinate application and infrastructure penetration testing with internal and external parties according to our internal methodology and where relevant, in line with compliance requirements (e.g., PCI).
• Support the building and maturing of the red and purple teaming capability area, leveraging technology and automation with the goal of continual control validation.
• Modelling Threats enhance and optimise infrastructure, platform, application and mobile security by identifying threats, vulnerabilities and associated countermeasures.
• Draft funky but professional reports to detail the findings of the assessments, including appropriate recommendations to mitigate identified security issues.
• Help drive and validate remediation of findings.
• Maintain and enhance cool toolsets manage the relevant tools required for mature product security that include pen testing, secure coding and source code analysis. Investigate new approaches, technology and automation to challenge traditional thinking and raise the level of security.
• Secure the development of products integrate security practices into the software development lifecycle, verify the security of internally and externally developed applications and services during and after development and deployment. Actively participate in the SDLC though guidance, education, input and facilitation.
• Consult with application development teams during projects and initiatives.
• Provide AppSec reporting for operational security dashboards.
• Provide AppSec guidance via documentation, standards, and collaboration.

Additional Responsibilities

• Supporting the Blue Team to wield their shields
• Support the team in responding to security incidents when needed.

Supporting the broader Cyber SecOpsTeam

• Collaborate with the broader SecOps Team, to drive and support various operational and strategic initiatives.
• Champion or co-champion internal security solutions and/or processes.

ExecutivePlacements.com