Job Information
Industry
IT Services
Work Experience
4-6 years
City
Abu Dhabi
State/Province
Abu Dhabi
Country
United Arab Emirates
Zip/Postal Code
51133
Job Description
Job Description: Senior Specialist in Application and System Penetration Testing
Position Overview:
ValueMentor is seeking a highly skilled and experienced Senior Specialist in Application and System Penetration Testing to join our Cybersecurity team. This role is crucial in identifying and mitigating security vulnerabilities in web and mobile applications, as well as in system infrastructure. The successful candidate will have a strong background in both application and system penetration testing, with a proven ability to uncover security flaws and recommend effective remediation strategies.
Key Responsibilities:
Penetration Testing:
Conduct comprehensive penetration tests on web and mobile applications to identify security vulnerabilities and weaknesses.
Perform system penetration testing on various platforms including Windows, Linux, and network devices.
Utilize industry-standard penetration testing tools and methodologies to uncover security flaws.
Vulnerability Identification and Exploitation:
Identify and exploit vulnerabilities in applications and systems, including but not limited to Injection, authentication and authorization issues, and buffer overflows.
Simulate advanced persistent threats (APTs) and other sophisticated attack scenarios.
Tool Management and Development:
Configure, manage, and optimize penetration testing tools such as Burp Suite, Metasploit, Nmap, and others.
Develop custom scripts and tools to enhance penetration testing capabilities.
Documentation and Reporting:
Create detailed and comprehensive reports of penetration testing findings.
Document identified vulnerabilities, exploitation techniques, and provide actionable recommendations for remediation.
Maintain records of penetration tests, including methodologies, tools used, and remediation efforts.
Compliance and Standards:
Ensure all penetration tests adhere to relevant industry standards, regulations, and compliance requirements.
Assist in the development and maintenance of security policies and procedures related to penetration testing.
Qualifications:
Bachelors degree in computer science, Information Security, or a related field.
Minimum of 5 years of experience in penetration testing, application security, or a related discipline.
Proficiency in penetration testing tools such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.
Strong understanding of web and mobile application security, Azure environment including common vulnerabilities and attack vectors.
Experience with system penetration testing on various platforms including Windows and Linux.
Excellent analytical, problem-solving, and communication skills.
Relevant certifications such as OSCP, OSWE, OSEP, OSED are preferred.
Active participation in CTF and bug bounty are preferred
Skills and Competencies:
Expertise in both application and system penetration testing methodologies and tools.
Strong understanding of secure coding principles and application security best practices.
Excellent technical writing skills for clear and concise documentation.
Ability to work independently and as part of a team in a fast-paced environment.
Knowledge of programming and scripting languages (e.g., Python, Java, Bash) is a plus.
