Mandate Skills (Must-Have) :

These are required to qualify :

Education & Experience :

- Bachelor's degree in Computer Science, IT, or equivalent experience.

- 7+ years of professional experience in penetration testing / offensive security.

- Minimum 2 years of red team operations experience.

- Minimum 2 years of practical cloud penetration testing (AWS, Azure, GCP).

Technical Expertise :

- Strong hands-on experience in infrastructure penetration testing (internal & external).

- Manual web, mobile, and API penetration testing experience.

- Deep knowledge of network protocols, Active Directory, privilege escalation techniques.

- Demonstrated use of C2 frameworks (e.g., Cobalt Strike, Silver, Core Impact, Outflank).

- Proficiency in scripting/coding languages (Python, PowerShell, Bash, etc.).

- Ability to simulate real-world adversarial techniques and build creative attack chains.

Professional Skills :

- Strong reporting skills (technical vulnerabilities, exploit paths, remediation).

- Effective client-facing communication (explaining risks & mitigation to technical and non-technical stakeholders).

- Analytical and offensive mindset with ability to adapt to new technologies quickly.

Good-to-Have Skills (Value-Add) :

These are not mandatory but will make a candidate stand out :

- Hands-on experience with cloud container security and IAM privilege escalation.

- Familiarity with threat simulation frameworks (MITRE ATT&CK, APT TTPs).

- Prior experience in social engineering engagements and physical security assessments.

- Experience developing or customizing offensive security tools/scripts.

- Knowledge of threat intelligence and ongoing research on CVEs, emerging exploits.

- Prior involvement in methodology/tool development for red team or pentest functions.

- Content contribution : blogs, training material, or conference presentations.

- Mentorship and team training experience.

- Advanced use of Burp Suite, BloodHound, or custom tooling.