REQUIRED SKILLS & EXPERIENCE:

• 7+ years of experience in penetration testing and red team operations
• Deep understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate.
• Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits.
• Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.)
• Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator
• Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, Java, C, C++, C#, Powershell, curl, Web application development (PHP, ASP.NET, etc.)
• Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment.
• Experience with Malware (including reverse engineering) and with internal and external attacks.
• Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles
• Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively work in teams of individuals with a variety of skills and backgrounds.
• Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials.
• Highly self-motivated requiring little direction.
• Demonstrates creative/out-of-the-box thinking and good problem-solving skills.
• Demonstrates strong ethical behavior.

DESIRED SKILLS & EXPERIENCE:

• Strong knowledge of an enterprise architecture
• Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols.
• Expertise in adversarial testing and security assessment of AI/ML systems and environments, including the ability to identify vulnerabilities in model architectures, data pipelines, and deployment frameworks through red team operations, fuzzing, and simulated attacks.
• Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Understanding of mobile android and iOS environments and app development
• Experience with application security testing tools, such as the Metasploit framework and Burp Suite
• One or more of these certifications
• CEH: Certified Ethical Hacker
• CPT: Certified Penetration Tester
• CEPT: Certified Expert Penetration Tester
• GPEN: GIAC Certified Penetration Tester
• OSCP: Offensive Security Certified Professional
• BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field
  The description provided above is not intended to be an exhaustive list of all job duties, responsibilities, and requirements. Duties, responsibilities, and requirements may change over time and according to business needs.

Please refer the Job description for details