Responsibilities
:
1. Proactive Security Assessments
2. Identify, analyze and prioritize vulnerabilities, misconfigurations, and design gaps in networks, applications, and infrastructure.
3. Drive "security by design" improvements through clear, actionable rmendations.
4. Collaboration & Knowledge Sharing
5. Work closely with incident response, SOC, and purple-team colleagues to translate offensive findings into enhanced detection and remediation strategies.
6. Present technical findings and remediation roadmaps to both technical teams and executive stakeholders.
Key Activities
7. Vulnerability Assessment Specialist
8. Configure and run automated scans ( Nessus, against target environments.
9. Manually validate scan results, triage false positives, and assess business impact.
10. Produce detailed assessment reports and present findings to clients.
11. Contribute to purple-team exercises to validate detection and prevention controls.
12. Penetration Testing Specialist
13. Plan and execute scoped pentests-both manual and tool-driven ( Burp Suite, Metasploit, Cobalt Strike).
14. Exploit identified weaknesses to validate risk, then propose realistic remediation steps.
15. Evaluate the maturity of existing security controls and vulnerability management processes.
16. Deliverprehensive engagement reports and debrief sessions with client teams.
17. Red Teaming Specialist
18. Design and run multi-phased red-team exercises emulating advanced persistent threat tactics, techniques, and procedures.
19. Employ stealthy evasion and privilege-escalation methods to demonstrate worst-case impact.
20. Evaluate and challenge blue-team detection, response playbooks, and incident handling capabilities.
21. Lead post-exercise "lessons learned" workshops and help harden defenses.
Required Skills and Experience :
22. Core Expertise
23. 3+ years hands-on experience in one or more offensive disciplines.
24. Proven ability to translate technical findings into business-oriented risk narratives.
25. Excellent written and verbalmunication skills.
26. Vulnerability Assessment
27. Mastery of vulnerability scanning platforms ( Nessus, Rapid7, Qualys).
28. Penetration Testing
29. Deep familiarity with web, network, and API pentesting toolchains (Burp Suite, Cobalt Strike, Metasploit).
30. Red Teaming
31. Advanced skills in adversary emulation, covert C2, stealthy payload delivery, and lateral movement.
Additional Skills :
32. Industry certifications such as OSCP, OSCE, CRTO, or GXPN.
33. Scripting proficiency (Python, PowerShell, Bash) for automation and custom tooling.
34. Experience testing cloud and container environments (AWS, Azure, GCP, Kubernetes).
35. Prior work in regulated sectors (finance, healthcare,ernment)
Job ID glFi4963YiP7