Posted on: 25/02/2026
Description:
- Perform advanced Vulnerability Assessment and Penetration Testing (VAPT) across external infrastructure, internal networks, web and mobile applications, APIs, and cloud environments (AWS, Azure, GCP).
- Conduct CIS Benchmark-based hardening assessments and implementations across operating systems (Windows, Linux), databases, middleware, network devices, and cloud platforms.
- Deliver customized hardening guides and security baselines mapped to client-specific compliance requirements and regulatory frameworks.
- Execute Dynamic Application Security Testing (DAST) on web and API applications (both authenticated and unauthenticated) using enterprise-grade tools; analyze, validate, and prioritize findings with actionable remediation guidance.
- Run Breach and Attack Simulation (BAS) scenarios to test resilience against real-world adversary tactics, techniques, and procedures (TTPs).
- Prepare comprehensive technical reports and executive-level summaries highlighting vulnerabilities, attack paths, misconfigurations, and compliance gaps.
- Continuously research emerging attack vectors, zero-day vulnerabilities, DAST methodologies, and new CIS benchmark updates to refine assessment strategies.
- Contribute to Ransomware Resiliency Assessments (RRA) by simulating ransomware behaviors and evaluating control effectiveness.
Required Skills & Experience:
- 8-12 years of direct, hands-on cybersecurity consulting experience, with deep expertise in VAPT, CIS benchmarking, and application security testing (DAST).
- Proven track record performing end-to-end penetration tests and dynamic application security scans using industry tools such as Burp Suite Pro, OWASP ZAP, Nessus, Qualys, Netsparker, Acunetix, and custom scripts.
- Strong understanding of web application security flaws (OWASP Top 10, API security issues, authentication/authorization flaws, injection attacks, deserialization, SSRF, RCE, etc.) and ability to exploit and document them.
- Solid understanding of network protocols, operating system behaviors, and common application security principles relevant to modern IT environments.
- Hands-on experience with CIS Benchmark implementation and verification across diverse platforms, ensuring alignment with client compliance mandates.
- Familiarity with BAS tools and adversary emulation frameworks to measure detection and response maturity.
- Proficiency in scripting/automation (Python, PowerShell, Bash) to extend testing capabilities or validate findings.
- Working knowledge of security architecture frameworks (e.g., SABSA) and threat modeling methodologies (e.g., STRIDE, kill chains, attack trees) to support risk-informed vulnerability assessments, hardening efforts, and remediation planning.
- Ability to write and present detailed remediation reports, security recommendations, and compliance-aligned hardening outputs.
- Strong communication skills to convey technical findings to technical and executive stakeholders.
Preferred Qualifications:
- Bachelor's degree in Engineering, Computer Science, or a related discipline.
- CEH certification (mandatory) plus one or more advanced certifications:
a. OSCP (Offensive Security Certified Professional)
b. eCPPT (eLearn Security Certified Professional Penetration Tester)
c. CompTIA Pentest+
d. CRTP / CRTE (Certified Red Team Professional/Expert)
e. CIS-CAT Pro Assessor or equivalent CIS Benchmark credentials
- Familiarity with MITRE ATT&CK and adversary simulation frameworks.
Posted in: CyberSecurity
Functional Area: Cyber Security
Job Code: 1615647