Penetration Testing Consultant I

About the Company

Advanced technology and cybersecurity company (sirar) established by stc, the region’s ICT and digital services provider, sirar by stc is a cutting-edge cybersecurity provider that empowers organization to take control of their cyber capabilities and digital environments. As experts in business security and privacy. We offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently.

Responsibilities

• Uses security testing and code scanning tools to conduct code reviews.
• Carries out vulnerability scanning on systems and assets.
• Conducts required reviews, including reviews of defensive measures, according to the organization’s policies.
• Prepares cybersecurity assessment and audit reports that identify technical and procedural findings and include recommended remediation strategies and solutions.
• Analyzes organization's cybersecurity defense policies and configurations to evaluate compliance with regulations and organizational directives.
• Tests for vulnerabilities in web applications, client applications and standard applications.
• Conducts physical security assessments of servers, systems, and network devices.
• Explains business impact of vulnerabilities identified through testing to make case for addressing them.
• Presents test findings, risks, and conclusions to technical and non-technical audiences.
• Designs simulated attacks to reflect impact in the organization's business and its users.
• Conducts remote testing of a network to expose weaknesses in security.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related discipline.
• Master’s degree in Cybersecurity, Computer Science/Information Technology or related discipline is preferred.

Required Skills

• Advance proficiency in conducting vulnerability scans and determine vulnerabilities from the results.
• Intermediate proficiency in conducting penetration testing in line with the organization's policies and best practice.
• Advance proficiency in developing insights about an organization’s threat environment.
• Advance proficiency in analyzing vulnerability and configuration data to identify cybersecurity issues.
• Advance proficiency in mimicking threat behaviors.
• Intermediate proficiency in implementing adversary Tactics, Techniques and Procedures.

Preferred Skills

• Relevant certification in technology Security (CISSP, CAP, SSCP, (ISC)2, CCFP, CISM etc.) is preferred.
• ISO 27001 Lead Implementor, Lead Auditor.

Experience:

3-5 years in relevant experience.

Important Notice for Candidates:

By submitting your application, you confirm that you have read and understood sirar's Candidate Privacy Notice and agree to the processing of your personal data in accordance with it.