Senior Cybersecurity Professional

About Position: We are looking for a skilled Cybersecurity Specialist with a focus on offensive security and penetration testing to join our team. The ideal candidate will have a strong background in ethical hacking across networks, cloud infrastructure, web, and mobile applications.

• Role: Cybersecurity Specialist

The successful candidate will be responsible for proactively identifying, exploiting, and reporting security vulnerabilities to protect our systems and data from evolving threats. This is a key role that requires a proactive, adversarial mindset, strong technical expertise, and excellent problem-solving skills.

• Cybersecurity Testing: Define test suites for pen testing, red teaming, and conduct comprehensive black-box and white-box penetration tests against our web applications, mobile applications, cloud infrastructure to identify and validate security weaknesses.
• Web Application Security: Conduct security assessments and pen tests for web applications, including an understanding of common vulnerabilities beyond the OWASP Top 10.
• Mobile Application Security: Conduct security assessments, penetration tests, and code reviews for iOS and Android mobile applications.
• Cloud & Network Security: Conduct pen tests on cloud assets, validate vulnerabilities reported by tools, including CNAPP, threat monitoring tools, and simulate real-world attacks on our cloud environments (e.g., AWS, Azure, GCP) and internal networks to test the effectiveness of existing security controls.
• Vulnerability Management: Perform continuous vulnerability scanning, manage the vulnerability lifecycle.
• Incident Response: Support the incident response team by providing technical analysis of attack vectors, root cause analysis during incidents, and threat intelligence derived from penetration tests.
• Collaboration: Work closely with development, DevOps, and infrastructure teams to provide clear, actionable recommendations for remediation and help build more secure systems.
• Tooling: Develop and maintain custom scripts and tools to automate testing and analysis.
• Reporting: Create detailed, high-quality technical and executive-level reports that clearly articulate findings, risks, and recommendations.

• Bachelor's degree in computer science, Information Technology, or a related field, or equivalent practical experience.
• 4-6 years of professional experience in information security, with a strong focus on offensive security.
• Proven hands-on experience in conducting penetration tests for web applications, networks, cloud infrastructure, and mobile applications.
• Deep understanding of the OWASP Top 10, common attack vectors, and exploitation techniques.
• Good knowledge of AWS/Azure and DevSecOps processes and security best practices. Proficiency with penetration testing tools like Burp Suite, Metasploit, Nmap, Kali Linux.
• Strong analytical and problem-solving skills, with the ability to work independently and as part of a team.
• Excellent written and verbal communication skills, including the ability to present complex technical information to non-technical audiences.
• Relevant security certifications such as OSCP, CEH.
• Experience with scripting languages (e.g., Python, Bash) for automation and tool development.
• Familiarity with container security (Docker/Kubernetes/ECS etc.) and attacking containerized environments.
• Knowledge of AI/ML fundamentals, their security, and agent development.
• Knowledge of common security compliance frameworks (e.g., PCIDSS, ISO 27001, NIST).