We are seeking a highly skilled and detail-oriented Cybersecurity System Testing Specialist to join our dynamic cybersecurity team. The ideal candidate will have a strong background in cybersecurity and system testing, with a focus on identifying and mitigating security vulnerabilities within our systems and applications.
Key Responsibilities:
- Conduct comprehensive security testing, including penetration testing, vulnerability assessments, and security audits of applications, systems, and networks.
- Develop and execute security test plans and test cases.
- Identify, report, and document security vulnerabilities and weaknesses.
- Collaborate with development and IT teams to ensure secure system configurations and implementations.
- Assist in the development and implementation of security policies, procedures, and standards.
- Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices.
- Participate in incident response activities and provide expertise in security breaches and threats.
- Perform risk assessments and contribute to risk management processes.
- Provide technical guidance and support to junior security testers and other team members.
Qualifications:
Education:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A master's degree is a plus.
- Relevant certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), CISSP (Certified Information Systems Security Professional), or equivalent are highly desirable.
Experience:
- Minimum of X years of experience in cybersecurity, with a focus on security testing, penetration testing, and vulnerability assessment.
- Proven experience with security testing tools such as Metasploit, Burp Suite, Nessus, Wireshark, and similar.
- Experience with both manual and automated security testing methodologies.
Skills:
- Strong understanding of network protocols, network configurations, and operating systems (Windows, Linux, macOS).
- Proficiency in scripting languages such as Python, Bash, or PowerShell.
- Familiarity with regulatory requirements and standards such as GDPR, HIPAA, PCI-DSS, and NIST.
- Excellent analytical, problem-solving, and critical-thinking skills.
- Strong written and verbal communication skills, with the ability to explain complex security issues to non-technical stakeholders.
- Ability to work independently and as part of a team in a fast-paced, dynamic environment.
- Identify and mitigate SQL injection, JavaScript injection, and other common security vulnerabilities.
- Perform penetration testing, including black box and white box testing.
- Analyze security incidents and conduct forensic investigations to determine the root cause and prevent recurrence.
Personal Attributes:
- High level of integrity and professional ethics.
- Detail-oriented and highly organized.
- Proactive and self-motivated with a continuous improvement mindset.
- Strong interpersonal skills and the ability to collaborate effectively with cross-functional teams.
Preferred Qualifications:
- Experience with cloud security testing (AWS, Azure, Google Cloud Platform).
- Knowledge of secure coding practices and code review processes.
- Experience in threat modeling and security architecture reviews.
- Familiarity with DevSecOps practices and integration of security testing in CI/CD pipelines.
