- Perform penetration tests and vulnerability assessments to identify security weaknesses within applications and networks using tools and tactics.
- Perform gap analysis according to best practices to systems, processes, and environments.
- Assess cyber security risks for weaknesses and gaps according to probability and impact.
- Write comprehensive and accurate technical reports explaining the weaknesses and providing a mitigation plan to reduce risk.
- Develop and improve scripts, tools, or methodologies to enhance the risk assessment.
- Experience in testing platforms such as Hack the Box, TryHackMe, OverTheWire, etc.
- Experience in working with tools used for web/mobile application and network penetration testing.
- Understanding of Linux and Windows operating systems, including bash and PowerShell.
- Ability to document and explain technical details in a concise, understandable manner.
- Experience with Active Directory (GPO) and cloud infrastructure (AWS, Azure, GCP).
- Experience with the application, network, and endpoint security controls such as firewalls, IPS, NAC, WAF, Email/Web gateways, etc.
- Ability to manage and balance own time among multiple tasks.
- Ability to think outside the box and a hacker mindset.