Lead mobile, web application, and API penetration testing within the designated scope and rules of engagement
Write clear, actionable reports for penetration tests
Interface with and support other CIS organizations such as Incident
Response, Governance, Risk and Threat Intelligence
Compose and maintain policy as well as operational process documentation
Experience with assessing with Cloud-native services, service meshes, and Kubernetes-platform based micro-services, experience on AWS/GCP is a plus. Experience in infra/network / Application /API vulnerability assessment and penetration testing.
Experience with different offensive security tools Techniques kali/Metasploit/Burp/Zap/nmap/ to name a few. Strong knowledge of threat modelling methodologies and related frameworks like MITRE ATTCK, CAPEC, etc.
Develop Penetration test cases and continuous verification on offering level. Increasing the organizational effectiveness by increasing the automation level in verification activities.