Penetration Testing Specialist

Advanced technology and cybersecurity company (sirar) established by stc, the region's ICT and digital services provider. Sirar by stc is a cutting edge cybersecurity provider that empowers organizations to take control of their cyber capabilities and digital environments. As experts in business security and privacy, we offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.

Key Responsibilities

• Participate in reporting penetration testing and vulnerability assessment findings, including risk level, proposed mitigation, and details necessary to reproduce the test results.
• Identify methods that attackers could use to exploit system and network vulnerabilities.
• Mimic malicious social engineering techniques that an attacker would use to attempt a system breach to uncover security gaps and vulnerabilities.
• Gather information about network topography and usage through technical analysis and open source research and document findings.
• Use security testing and code scanning tools to conduct code reviews.
• Conduct authorized penetration testing of infrastructure and assets.
• Perform technical and non technical risk and vulnerability assessments of organizational technology environments.
• Test for vulnerabilities in web applications, client applications, and standard applications.
• Conduct physical security assessments of servers, systems and network devices.
• Participate in explaining business impact of vulnerabilities identified through testing to make a case for addressing them.
• Present test findings, risks, and conclusions to technical and non technical audiences.
• Participate in designing complex simulated attacks to reflect impact in the organization's business and its users.
• Contribute to the overall success of the company by performing all other duties and responsibilities as assigned by line manager.

Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related discipline.

Professional Certifications Preferred

• OSCP, OSEP, OSWE, OSCP+, GCPN, GMOB.

Years of Experience

• 1-3 years in relevant experience.

Skills

• Intermediate proficiency in data collection and analysis.
• Intermediate proficiency in reporting skills and recommending actions to be taken.
• Intermediate proficiency in reviewing and editing cybersecurity related plans.
• Intermediate proficiency in identifying gaps and limitations in cyber threat intelligence provision.
• Intermediate proficiency in developing, deploying, and integrating policies that meet organizational system cybersecurity objectives.

Seniority Level

• Mid Senior level

Employment Type

• Full time

Job Function

• Information Technology
• IT Services and IT Consulting