OnePoint HR and Management Consultants

Job Detail

Penetration Tester- Muscat, Oman Penetration Tester- Muscat, Oman Information Technology






Job Responsibilities:

Should be proficient on Vulnerability Assessment and Penetration Testing (VA/PT);able to work on web, Network and mobile application

Able to Work on Vulnerability Assessment and Penetration Testing (VAPT) in accordance with OWASP Top 10 for various applications

Perform white and black box testing of web /mobile applications and systems with a variety of commercial and opensource tools

Devise creative and custom exploits, solutions, and techniques to discover vulnerabilities and exploitability of the targets

Knowledge-share with team on techniques and results to continuously improve the service offering

Create detailed report of findings and recommendations after testing is complete and present to stakeholders

Stay up-to-date in current tools, techniques, and vulnerabilities to incorporate into testing practices

Mentor junior members of the team in techniques and best practices in ethical hacking and vulnerability analysis Primary Skills

4-5 years of experience with penetration testing

Demonstrable knowledge and experience of: Common attack techniques for web, mobile and services.

Common application testing tools including, but not limited to Burp, SQL Map etc

OWASP Top 10 iPhone and Android application pen testing - specifically relating to reverse engineering and instrumentation toolsets

Pen testing in Agile and/or Extreme development environments

Ability to write scripts/tools to assist in testing

Experience testing/analyzing applications and networks

Understanding of encryption technologies.

Understanding of common network protocols

Working knowledge with various operating systems

Ability to relay detailed technical concepts to a broad range of audiences, via written reports and presentations.

Passion for continuous learning, growth, and tinkering

Mandatory : OSCP (Offensive Security Certified Professional)
Preferred : OSCE (Offensive Security Certified Expert)
Preferred: eWPT ( eLearnSecurity Web application Penetration Tester)
Preferred : CISSP (Certified Information Systems Security Professional)
Good to have
Bug bounty experience
Mobile application security testing experience,
Experience in security service companies (Aujas, Paladion, NII),
Red teaming experience

Careers by Category