Responsibilities:
- – Conduct regular penetration testing and risk assessment for platforms, APIs, and systems.
- – Provide detailed vulnerability reports and follow up on remediation.
- – Participate in red/blue team exercises to improve incident response.
- – Support security assessments for business and generate evaluation reports.
- – Track vulnerability trends and research attack techniques and defenses.
Requirements:
- – Solid knowledge of web security, network security, and common vulnerabilities (e.g., XSS, SQLi, privilege escalation).
- – Experienced with tools like Burp Suite, Metasploit, Nmap, Nessus.
- – Familiar with OWASP Top 10, MITRE ATT&CK frameworks.
- – Excellent reporting skills and ability to communicate risks clearly.
- – Certifications such as OSCP, CEH, or CISP are a plus.