Network Infra Penetration Testing Lead Software Engineer Ii Lead Talent500 11 Years T1011
02: Network infra penetration testing - Lead Qualifications: Bachelor\'s degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience. 8 + years of IT professional experience, with 6 + years Information Security experience, with previous as a network and cloud pen tester Requirements: Expert in identifying the network ports, peripherals, and other common weak points that can help gain access to a business system Use of multiple tools for Discovery and Recon phase to identify most of the entry points to start the infra-assessment Identifying Network Security Flaws in an operating system, cloud and network Conduct configuration reviews for OS, DB, Firewall, Routers, Switches and other infrastructure components Conduct vulnerability assessment and penetration testing and configuration review for network and cloud Perform penetration testing and vulnerability assessment on various types of technologies and implementations using automated (commercial, open source) tools and manual techniques. This may include - Network infrastructure and wireless networks - Servers, platforms, containers, hosting infrastructure and services Conduct assessments of the Cloud Saas environments Have experience evaluating cloud environment configurations, such as bucket policies, IAM policies, security groups and ACLS, for security vulnerabilities and integrating these findings into the pen test Drive end to end assessment and governance compliance and ensure OS like Microsoft Windows Server, Linux, Unix, Voice Infra, Mac are secured Knowledge of popular security tools Nessus, Qualys, Burpsuite etc. Good hands-on experience of Kali Linux and Metasploit Hands on experience in Network monitoring tools like Wireshark, Ettercap Knowledge of PCI/DSS, Cloud Security Alliance, ISO2700x controls. Security Certifications - GPEN, CPT, OSCP, OSCE, GIAC, published CVE, Github projects, bug bounty profiles, hackthebox profile, or similar. Test security within Microsoft Azure, AWS and Cloud technologies implementation Research potential improvements to servers and recommend fixes as per Industry Best Practices to the Management. Conducting Penetration Testing and closing vulnerabilities in the servers Manage and ensure effectiveness of security solutions, including server security Identifying and maintaining Key metrics and SLA on Infrastructure Security. Broad technical knowledge of infrastructure technologies i.e. Vulnerability assessment, Penetration testing, Siem, DLP, Malware Protection, IDS, Wireless IPS, DMZ and Firewall Security. Independently execute red team assessments to identify security exposures and to evaluate effectiveness of security controls and response.