CyberSecurity Engineer/Penetration tester
|Работодатель:||Esco Micro Pte Ltd|
|Квалификация:|| A minimum of around 1 year of experience in security penetration testing.|
Experience on security testing using frameworks like Metasploit and any similar
Profiling applications, identifying threats, developing test cases and relevant threat models.
Experience in exploitation of vulnerabilities in applications, networks and IT infrastructure.
Experience with tools like Bloodhound, ADFind, ADRecon, Impacket (secretsdump, wmiexec, smbclient etc), Empire, Covenant, Socks4/Socks5 Proxies, 3Proxy, Chisel, plink, putty, nmap, massscan, CrapMapExec.
Experience with PowerShell, Group Policy Scripts, Powershell Automation, Python Scripts.
Experience on research of emerging security topics and new attack vectors.
Knowledge on technologies like IPSEC, SSL, SSH, VPN, DNS, SMTP, FTP.
|Задачи:||Execute engagements in application security assessments, infrastructure security Penetration Testing, and Vulnerability Assessment on IT infrastructure.|
Profile an application, identifying threats, and developing test cases to different targets identified threats.
Identify and exploit vulnerabilities in applications and infrastructure.
Prepare reports documenting identified issues..
Identify potential vulnerabilities based on misconfiguration, policy, or design flaws on the organization's IT applications and infrastructure.
Perform validation on Responsible Disclosures and provide remediation recommendations to business and development teams to mitigate vulnerabilities.
Apart from these responsibilities, the analyst will be working on various technologies in the Security Operations Center like Endpoint Detection and Response, SIEM solutions, threat intelligence etc.