Offensive Cybersecurity Specialist

We are looking for talented Offensive Security professionals who are passionate about cybersecurity to join our team in conducting security assessments, penetration testing, and attack simulations across various systems and applications, with a strong focus on Red Team activities.

Responsibilities

·       Conduct penetration testing and vulnerability assessments on web applications, mobile applications, API services, and supporting infrastructure.

·       Perform attack simulations (Red Team activities) to evaluate the effectiveness of security controls and provide actionable remediation recommendations.

·       Prepare clear, structured, and comprehensive assessment reports for relevant stakeholders.

·       Collaborate with internal teams on remediation processes, security improvement initiatives, and the deployment of new security technologies.

·       Develop, review, and maintain IT security SOPs and other technical documentation.

·       Stay up to date with the latest cybersecurity threats, attack techniques, and offensive security tools, while promoting security awareness and best practices to internal stakeholders.

Qualifications

·       Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or other related fields.

·       Minimum 2 years of experience as a Penetration Tester or Red Team member.
(Fresh graduates with relevant skills and portfolios are welcome to apply.)

·       Hands-on experience in security testing for web, mobile, and API applications.

·       Proficient in penetration testing and security assessment tools.

·       Strong understanding of DAST, SAST, and RASP concepts and tools.

·       Good understanding of operating systems, networking, and security controls such as WAF, IDS, and IPS.

·       Basic knowledge of cloud computing platforms such as AWS, Google Cloud, Azure, or similar technologies.

·       Familiar with log analysis and security event monitoring.

·       Strong analytical thinking, problem-solving, and communication skills.

·       High attention to detail, strong integrity, and the ability to work independently as well as collaboratively within a team.

Preferred Qualifications

·       Relevant certifications in penetration testing or offensive security
(OSCP, eJPT, PNPT, CEH, CRTO, or other equivalent certifications).

·       Experience participating in bug bounty programs.

·       Familiarity with DevSecOps concepts and practices.

·       Familiarity with SIEM tools.

·       Understanding of IT security policies, practices, architecture, and procedures.

·       Having a portfolio of cybersecurity write-ups, labs, or research projects is a plus.