REQUIRED QUALIFICATIONS

• Bachelor’s degree in Computer Science, Information Security, or related field , or equivalent experience.
• OSCP certification (mandatory).
• 3–5 years of hands-on penetration testing experience.
• Proficiency with penetration testing tools (Burp Suite, Metasploit, Nmap, Wireshark, Nessus, etc.).
• Strong understanding of web application security , network protocols, operating systems, and cloud environments.
• Knowledge of scripting languages (Python, Bash, PowerShell, etc.) for custom exploit development.
• Excellent problem-solving and report writing skills.

PREFERRED QUALIFICATIONS

• Additional certifications: OSWE, OSEP, GPEN, CEH, CREST CRT, or similar .
• Experience with Red Team engagements .
• Familiarity with DevSecOps and CI/CD security testing.
• Understanding of threat intelligence and adversary simulation frameworks (MITRE ATT&CK).

SOFT SKILLS

• Strong communication and presentation skills.
• Ability to work independently and in a team.
• Analytical and detail-oriented mindset.
• Passionate about ethical hacking and continuous learning.

• Perform penetration testing on applications, networks, cloud, APIs, and systems to identify vulnerabilities.
• Conduct vulnerability assessments and exploit proof-of-concepts (PoCs).
• Develop and execute threat models and attack simulations.
• Collaborate with development, infrastructure, and security teams to remediate identified vulnerabilities.
• Prepare and deliver detailed reports including risk ratings, technical findings, and mitigation strategies.
• Stay updated on the latest security threats, exploits, and industry trends.
• Ensure compliance with industry standards (e.g., OWASP, NIST, ISO 27001, PCI DSS).