Job Description

Job Information


Date Opened


08/21/2024
Job Type


Full time
Industry


IT Services
Work Experience


4-6 years
City


Abu Dhabi
State/Province


Abu Dhabi
Country


United Arab Emirates
Zip/Postal Code


51133



: Senior Specialist in Application and System Penetration Testing

Position Overview:

ValueMentor is seeking a highly skilled and experienced Senior Specialist in Application and System Penetration Testing to join our Cybersecurity team. This role is crucial in identifying and mitigating security vulnerabilities in web and mobile applications, as well as in system infrastructure. The successful candidate will have a strong background in both application and system penetration testing, with a proven ability to uncover security flaws and recommend effective remediation strategies.

Key Responsibilities:

• Penetration Testing:
• Conduct comprehensive penetration tests on web and mobile applications to identify security vulnerabilities and weaknesses.
• Perform system penetration testing on various platforms including Windows, Linux, and network devices.
• Utilize industry-standard penetration testing tools and methodologies to uncover security flaws.
• Vulnerability Identification and Exploitation:
• Identify and exploit vulnerabilities in applications and systems, including but not limited to Injection, authentication and authorization issues, and buffer overflows.
• Simulate advanced persistent threats (APTs) and other sophisticated attack scenarios.
• Tool Management and Development:
• Configure, manage, and optimize penetration testing tools such as Burp Suite, Metasploit, Nmap, and others.
• Develop custom scripts and tools to enhance penetration testing capabilities.
• Documentation and Reporting:
• Create detailed and comprehensive reports of penetration testing findings.
• Document identified vulnerabilities, exploitation techniques, and provide actionable recommendations for remediation.
• Maintain records of penetration tests, including methodologies, tools used, and remediation efforts.
• Compliance and Standards:
• Ensure all penetration tests adhere to relevant industry standards, regulations, and compliance requirements.
• Assist in the development and maintenance of security policies and procedures related to penetration testing.
Qualifications:



• Bachelor's degree in computer science, Information Security, or a related field.
• Minimum of 5 years of experience in penetration testing, application security, or a related discipline.
• Proficiency in penetration testing tools such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.
• Strong understanding of web and mobile application security, Azure environment including common vulnerabilities and attack vectors.
• Experience with system penetration testing on various platforms including Windows and Linux.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as OSCP, OSWE, OSEP, OSED are preferred.
• Active participation in CTF and bug bounty are preferred

Skills and Competencies:



• Expertise in both application and system penetration testing methodologies and tools.
• Strong understanding of secure coding principles and application security best practices.
• Excellent technical writing skills for clear and concise documentation.
• Ability to work independently and as part of a team in a fast-paced environment.
• Knowledge of programming and scripting languages (e.g., Python, Java, Bash) is a plus.