Red teamer - urgent opening

Posted: Aug. 5, 2022, 10:02 a.m. - Full Time - Uae

Please find below details for VAPT.

A passionate Pentetration_Tester/Red_Teamer/Hacker/Offensive_Security_Engineer Required OSCP certification

MUST HAVE CAPABILITIES: •Hacker mindset •OSINT, information gathering -active and passive •Web Application Pentesting (SAST and DAST), OWASP top 10, SANS 25, •API pentesting (soap and rest) •Network penetration testing (external & internal), to include vulnerability exploitation and pivoting to gain remote system access, •Configuration Review •Mobile Application(Android and iOS) Penetration testing •A good understanding of Unix, Windows and network security skills. •Familiarity with application layer assessment tools, such as local proxies and fuzzers. •Familiarity with threat modelling and security design review methodologies. •Documenting technical issues identified during security assessments. •Ability to work remotely as part of a distributed team and travel to client sites when required. •Excellent communication skills in English (both written and oral), able to concisely communicate security risks to both technical and business audiences. •Ability to work both independently and perform as a leader in a team environment, •Work with a team of hackers to scope, plan, and execute realistic offensive security exercises. •Perform penetration testing using manual testing techniques, scripts, commercial and open-source tools, •Automate portions of penetration tests, scoping or other offensive security work, and use this model to inform and drive our assessments.

NICE TO HAVE : •Thick Client Application Pentesting •Wireless pentesting •IoT and embedded hardware security •Active Directory Assessment •Container security assessment (docker, Kubernetes) •Cloud security assessment •Conduct social engineering, Password Attacks & Client-Side Attacks •Windows and Linux Privilege Escalation •Traffic analysis(Wireshark, pcap) •Physical security •A good understanding of cryptography fundamentals. •Ability to read multiple programming languages and modify exploits if required for pentesting activity •Networking knowledge •Deep web / Dark Web analysis, data breach analysis