Cybersecurity Offensive Engineer Specialist

The Cybersecurity Offensive Engineer Specialist will play a crucial role in proactively identifying and mitigating potential security threats by conducting advanced penetration testing, vulnerability assessments, and simulated attack scenarios to safeguard organizational assets and data integrity. This position demands a high level of expertise in offensive security techniques and a commitment to maintaining the highest standards of cybersecurity.

Qualifications

The candidates in cybersecurity offensive engineer should be professional in penetrating testing (Web and Mobile) applications, he should follow offensive security methodology Information gathering based on offensive security industry, has good experience to building network penetration testing covered (network segmentation, isolation, wireless and testing the security controls implemented at the environment.

Good experience to read RFP and write technical document to the customers, also write the questioners to the customers of something unclear in the RFP.

Has good knowledge of all security testing tools and is professional in program languages.

Penetration Tester should have experience to collecting and testing the evidence and write a clear report with remediation, make a presentation, and represent to findings to stakeholder.

Educational Requirements: Bachelor’s degree in computer science, Information Technology, or a related field.

Professional Experience: 3 to 5 years of experience in cybersecurity, focusing on offensive engineering.

Technical Domains

• Web application penetration testing (Blackbox, GreyBox and Whitebox)
• Mobile application penetration testing
• Network penetration testing.
• Code Review: Experience in reviewing code for security vulnerabilities.
• Programming Language
• Java
• JavaScript
• C#
• ASP.NET
• Python
• Containerization and Orchestration
• Experience with Docker
• Experience with Kubernetes
• Databases
• Oracle
• MongoDB
• MSSQL Server
• Tools and Techniques
• Burp Suite
• Nmap
• OWASP ZAP Proxy
• Wireshark
• Netcat
• Various offensive toolkits
• Brute forcing tools like Hydra.
• Scripting and Automation: Strong knowledge and experience in using scripts for penetration testing and automating tasks.
• Security Standards
• Familiarity with OWASP Top 10 vulnerabilities and mitigation techniques
• Knowledge of SANS Top 25 Most Dangerous Software Errors
• Additional Skills
• Ability to analyze and interpret security logs and network traffic.
• Familiarity with various operating systems and their security features
• Strong problem-solving and analytical skills
• Excellent communication skills for reporting findings and suggesting mitigations.