Penetration tester

Posted: April 15, 2022, 6:33 a.m. - Full Time - Chennai

Penetration Tester Job Purpose

Penetration testers simulate cyberattacks in order to identify and report security flaws on computer systems, networks and infrastructure, including internet sites. The Penetration tester will perform authorised tests on bank computer systems in order to expose weaknesses in their security that could be exploited by criminals. This will include • Networks and infrastructures • Windows, Linux, Solaris, and Mac operating systems • Applications and databases running on bank systems • web/mobile applications • Internet of Things (IoTs). • Environment testing within the bank Accountabilities

As a penetration tester, you'll understand complex computer systems and technical cyber security terms. You'll need to: • work with internal stakeholders to determine their requirements from the test, for example the number and type of systems they would like testing • plan and create penetration methods, scripts and tests • carry out testing of the banks network, applications, mobile apps and infrastructure to expose weaknesses in security • simulate security breaches to test a system's relative security • create reports and recommendations from your findings, including the security issues uncovered and level of risk • advise on methods to fix or lower security risks to systems • report and present your findings, risks and conclusions to management and other relevant parties • consider the impact your 'attack' will have on the business and its users • understand how the flaws that you identify could affect a business, or business function, if they're not fixed. • Provide advice on how to minimize the risks identified during the testing. • Education / Qualifications: CEH, GPEN, OCSP, CRT • Knowledge: Security Testing, Pen Testing, Ethical Hacking, Network Security, Systems Security • Experience: 5 years in Penetration Testing directly • Accreditation / Licensing: • Generic & Specific Skills: • an in-depth understanding of computer systems and their operation • excellent spoken and written communication to explain your methods to a technical and non-technical audience • attention to detail, to be able to plan and execute tests while considering client requirements • the ability to think creatively and strategically to penetrate security systems • good time management and organisational skills to meet the banks deadlines • ethical integrity to be trusted with a high level of confidential information • the ability to think laterally and 'outside the box' • teamwork skills, to support colleagues and share techniques • exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done • business skills to understand the implications of any weaknesses you find • commitment to continuously updating your technical knowledge base