Cybersecurity Penetration Tester

Job Roles and Responsibilities:

The Cybersecurity Penetration Tester will be responsible for conducting regular audits on our client’s IT systems, ensuring compliance with all relevant regulations and standards. The ideal candidate will have a strong understanding of IT systems, network security, and audit procedures. Job responsibilities include:

Vulnerability Assessment and Penetration Testing

• Perform Vulnerability Assessment and Penetration Testing (VAPT) to across multiple clients and industries to identify potential security vulnerabilities, in support of our client's security requirements to test and validate the effectiveness of their IT security posture.
• Supporting remote and onsite operations by employing simulated adversarial threat-based approaches to expose and exploit vulnerabilities to identify weaknesses and to improve the security posture and operational procedures
• Using various testing, social engineering, and penetration testing approaches for vulnerability identification, enumeration, and purposeful exploitation to determine the value and effectiveness of a network, system, or application's security configuration

IT Audit

• Evaluate the effectiveness of clients’ information-processing controls across industries, business process cycles and network platforms.
• Conduct regular IT audits to ensure compliance with all relevant standards and regulations.
• Identify and assess IT risks and controls, and suggest mitigation strategies.
• Assist in the development of IT audit scope and IT audit procedures.
• Evaluate the effectiveness of IT general controls and recommend improvements.
• Prepare and present reports that reflect audit results and document the proposed process.
• Engage in continuous knowledge development regarding sector’s rules, regulations, best practices, tools, techniques, and performance standards.
• Collaborate with IT staff and management to improve security and efficiency.
• Assist in conducting internal audits and providing necessary certifications.
• Perform other ad-hoc duties as assigned.

Job Requirement:

• Bachelor’s degree in IT, Computer Science, or a related field.
• Professional certifications in OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), OSCE (Offensive Security Certified Expert), CREST or equivalent
• Other professional certifications such as CISA, CISSP, or CISM are preferred.
• Proven experience as an IT auditor or similar role in a cybersecurity environment.
• Strong knowledge and understanding of IT systems, network security, and VAPT, including IT standards and frameworks (e.g., COBIT, NIST, ISO 27001), IT audit methodologies, techniques, and tools.
• Excellent communication skills in both oral and written English.
• Able to appreciate business process issues and understand business transaction scenarios, and how an application system can support them.
• Resourceful and able to work out technical solutions.
• Logical thinking, good attitude, fast learner, and good team player.
• Able to handle multiple tasks and assignments.
• Able to work under pressure and meet deadlines.