Penetration Tester

Job summary

The VOC Offensive Security Operator will be part of a team responsible for performing pentest activities on web applications as well as critical systems such as ERP, SAP, and infrastructure assets. You will also support the business in remediating its vulnerabilities. You will also be responsible for supporting the VOC triage team intrestesting, qualifying, and confirming various vulnerabilities coming out from vulnerability management tools.

The VOC Offensive Security Operator is responsible for:

Perform penetration testing on the company's application:

o Conduct Pentests (on web app, ERP, SAP systems as well as infra assets)

o Draft Business risk-oriented reports

o Assist the business and the project in correcting the identified vulnerabilities

Contribute and help the team build and create additional security tools to scan and secure company environment

Participate in the teams Redteam / Purple activities

Contribute to the definition and implementation of the team quality and performance metrics,

dashboard and reviews

Contribute to the definition of the global Cybersecurity roadmap

Skills :

Bachelors degree in computer science, Information Security; relevant certifications (e.g., OSCP, CRTP, CompTIA Security+ is a plus

Proven experience (10+ years) working within the Cybersecurity field, with emphasis on Offensive Security and hands-on experience on Web application and API Pentest tools

Good Understanding of OWASP top 10 or SANS top 25

Familiar with basic understanding of Malware, TCP/UDP packets, security tools such IDS/IPS, Web proxies, SIEM, DNS security, DDoS protection, firewalls

Understanding of network-level attacks

Basic / Entry knowledge around ERP and SAP systems

Mobile Pentest (Android and IOS)

Thick client application Pentest

Provide appropriate recommendations to correct identified vulnerabilities and flaws

Experience with scripting languages (e.g., Python, Bash, Powershell, C#, Ruby, ) for automation and Customization of security processes is a plus

Familiar with CTF challenges, Hack the Box, Root Me, TryHack Me,

Personal Skills :

Has a systematic, disciplined, and analytical approach to problem solving with Thorough leadership skills & experience

Good Team player

Possess a positive and learning attitude

Excellent ability to think critically under pressure

Strong communication skills to convey technical concepts clearly to both technical and non-technical personnel stakeholders

Willingness to stay updated with evolving cyber threats, technologies, and industry trends

Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measures

Sense of Ownership, Priorities, and Autonomous