NetAnalytiks - Penetration Tester - Threat Modeling

Company Description

NetAnalytiks is a leading consulting firm specializing in providing expert services in the critical areas of cyber security, machine learning, and data analytics. We empower organizations to navigate the complex digital landscape with robust security solutions and data-driven insights.

Role Description

NetAnalytiks is seeking a highly experienced and skilled Penetration Tester to join our dynamic team. This is a full-time hybrid role based in Gurugram, offering the flexibility of some work-from-home. As a Penetration Tester, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and providing actionable recommendations to enhance our clients' security posture. Your expertise will be crucial in areas such as Attack Surface Management, application security, red teaming, malware analysis, and overall cybersecurity.

Responsibilities

• Penetration Testing : Conduct in-depth penetration testing of web applications, mobile applications, networks, and infrastructure to identify security vulnerabilities.
• Attack Surface Management : Utilize tools and methodologies to identify and analyze an organization's external and internal attack surface, providing recommendations for risk mitigation.
• Application Security Assessment : Perform thorough security assessments of web and mobile applications, identifying and exploiting vulnerabilities such as OWASP Top 10.
• Red Teaming Operations : Participate in red teaming exercises to simulate real-world attacks and assess the effectiveness of security defenses.
• Malware Analysis : Conduct static and dynamic analysis of malware samples to understand their functionality, behavior, and potential impact.
• Vulnerability Assessment : Perform vulnerability assessments using industry-standard tools and techniques, correlating findings to provide a comprehensive view of security risks.
• Reporting and Communication : Prepare detailed reports outlining vulnerabilities, exploitation steps, and remediation recommendations for both technical and non-technical audiences.
• Collaboration : Work closely with clients and internal teams to understand security requirements, communicate findings, and assist with remediation efforts.
• Security Research : Stay up-to-date with the latest security threats, vulnerabilities, and industry trends, contributing to the development of new testing methodologies and tools.
• Tool Proficiency : Utilize and customize various penetration testing tools, including QSYS, Nmap, Nessus, Netsparker, Burp Suite, Metasploit, and attack surface management tools.
  
  

Qualifications

• Reverse Engineering and Malware Analysis : Proven experience in reverse engineering and analyzing malware to understand its behavior and impact.
• Application Security and Red Teaming : Extensive experience in conducting application security assessments and participating in red teaming engagements.
• Tool Proficiency : Hands-on experience with penetration testing tools such as QSYS, Nmap, Nessus, Netsparker, Burp Suite, Metasploit, and attack surface management tools.
• Cybersecurity Knowledge and Experience : In-depth knowledge of cybersecurity principles, threats, vulnerabilities, and mitigation techniques.
• Strong Problem-Solving and Analytical Skills : Excellent ability to identify and analyze complex security issues and develop effective solutions.
• Excellent Communication and Teamwork Abilities : Strong written and verbal communication skills, with the ability to effectively collaborate with clients and colleagues.
• Relevant Certifications : Holding industry-recognized certifications such as CEH, OSCP, or CISSP is highly desirable.
• Educational Background : Bachelor's degree in Computer Science, Information Technology, or a related field.
  
  

Experience : 10+ years of experience in penetration testing and cybersecurity.

(ref:hirist.tech)