Senior Penstester Operator

• Perform penetration testing on application:
• Conduct Pentests (on web app, ERP, SAP systems as well as infra assets)
• Draft Business risk-oriented reports
• Assist the business and the project in correcting the identified vulnerabilities
• Contribute and help the team build and create additional security tools to scan and secure environment
• Participate to the teams Redteam / Purple activities
• Contribute to the definition and implementation of the team quality and performance metrics,

dashboard and reviews Contribute to the definition of global Cybersecurity roadmap

Skills

• Bachelors degree in computer science, Information Security; relevant certifications (e.g., OSCP, CRTP, Comp Security+) are a plus
• Proven experience (4+ years) working within the Cybersecurity field, with emphasis on Offensive security and hands on experience on Web application and API Pentest tools
• Good Understanding of OWASP top 10 or SANS top 25
• Familiar with basic understanding of Malware, TCP/UDP packets, security tools such IDS/IPS, Web proxies, SIEM, DNS security, DDoS protection, firewalls
• Understanding of network level attacks
• Basic / Entry knowledge around ERP and SAP systems
• Mobile Pentest (Android and IOS)
• Thick client application Pentest.
• Provide appropriate recommendations to correct identified vulnerabilities and flaws
• Experience with scripting languages (e.g., Python, Bash, Powershell, C#, Ruby, ) for automation and customization of security processes is a plus
• Familiar with CTF challenges Hack the Box, Root Me, TryHack Me,