Cybersecurity Analyst

• Perform web application, API, mobile, network, and cloud penetration testing
• Conduct black-box, gray-box, and white-box testing
• Identify vulnerabilities such as:
  • OWASP Top 10 (e.g., SQL Injection, XSS, IDOR)
  • Misconfigurations in cloud (Azure, AWS, OCI)
• Exploit vulnerabilities in a controlled environment to validate risks

️ Red Team & Adversary Simulation

• Execute Red Team engagements simulating real-world attack scenarios
• Perform social engineering assessments (phishing, vishing if allowed)
• Conduct lateral movement, privilege escalation, and persistence techniques
• Map findings to frameworks like:
  • MITRE ATT&CK
  • Cyber Kill Chain

Reporting & Risk Management

• Prepare detailed technical reports with:
  • Proof of Concept (PoC)
  • Risk ratings (CVSS)
  • Business impact
  • Remediation recommendations
• Present findings to both technical teams and management

• ️ Tools & Technologies

• Use tools such as:
  • Burp Suite, OWASP ZAP
  • Metasploit, Nmap
  • Nessus, OpenVAS
  • Wireshark
• Develop custom scripts using:
  • Python, Bash, PowerShell

• ️ Cloud & DevSecOps Security

• Assess security in:
  • Microsoft Azure, AWS, Oracle Cloud (OCI)
• Perform:
  • Container security testing (Docker, Kubernetes)
  • CI/CD pipeline security assessments
• Integrate security testing into DevSecOps pipelines
‍

Leadership & Mentorship

• Mentor junior penetration testers and analysts
• Review technical findings and reports
• Lead customer discussions and security workshops

Required Qualifications

Education

• Bachelor’s/Master’s in:
  • Cybersecurity
  • Computer Science
  • Information Security (or equivalent experience)

Experience

• 5–8+ years in cybersecurity with strong focus on penetration testing
• Experience in:
  • Web & API security testing
  • Network & infrastructure testing
  • Cloud security assessments

Certifications (Preferred)

• OSCP (Highly Preferred)
• CEH, eCPPT, eWPT
• CREST, GPEN
• Azure/AWS Security Certifications