Conduct network penetration testing, employing a variety of techniques such as exploiting vulnerabilities, bypassing defences, and escalating privileges.
Design and execute targeted social engineering attacks to evaluate human vulnerabilities and security awareness.
Develop assumed breach scenarios to simulate real-world attacks, testing the effectiveness of our incident response procedures and readiness.
Utilize penetration testing frameworks like Metasploit, Kali Linux, and Burp Suite, while continuously updating knowledge and exploring new tools.
Collaborate with blue teams, developers, and stakeholders to effectively communicate findings, prioritize vulnerabilities, and recommend remediation strategies.
Stay informed about emerging threats by researching, attending conferences, and actively contributing to the offensive security community.
Required Skills:
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). A Master's degree in Information Security is advantageous.
Experience with social engineering techniques and methodologies.
Proficiency in scripting languages like Python and Bash.
Excellent communication and teamwork skills, capable of explaining complex technical concepts to both technical and non-technical audiences.
A passion for learning, consistently seeking new ways to enhance skills and knowledge.
Bonus points for experience with cloud security, web application security, and post-exploitation frameworks.