- Support the internal and/or customer development team in the preparation, formalization, implementation and verification of security requirements following a Security by Design principle.

- Develop and execute hands-on DevSecOps programs, including penetration testing, automation, static/dynamic code analysis, threat modeling, and developer training.

- Ability to think like an attacker.

- Conduct secure design reviews and contribute to threat modeling exercises.

- Preparing reports at both technical and executive level, providing recommendations to an heterogeneous public.

- Plan, lead and execute projects, including team management.

- Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices.

- Engage in continuous learning and research to improve your skills and contribute to the team's knowledge base.

Requirements :

- Minimum 5+ years of consulting experience in Red Teaming/Pentesting and possesses industry recognised

certifications (e.g. CISSP, OSCP, CRT, CREST, CRTP)

- Experienced and well versed in security testing domains. For example, red teaming, web/network/mobile/cloud/thick client vulnerability assessments and penetration testing.

- Proven experience in implementing proactive security solutions and integrating security into the software development lifecycle (SDLC).

- Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques

- Familiarity with programming languages (e.g., Python, Bash, C#, or JavaScript).

- Hands-on experience securing cloud infrastructure and familiarity with containerization technologies (Kubernetes, Docker)