Cybersecurity Specialist - Eyepax

byLankaJobHub
0
Experience and Responsibilities:

Penetration Testing Duties: 

  • Conduct penetration testing on public-facing web applications, identifying vulnerabilities based on OWASP Top 10 and industry best practices.
  • Perform penetration testing on API interfaces (REST, GraphQL, SOAP), identifying authentication and data exposure risks.
  • Execute penetration testing on VMs hosted in Azure & AWS with public IP addresses, ensuring secure configurations and resilience against attacks.
  • Assess Azure Key Vault and AWS Secrets Manager for misconfigurations, access control weaknesses, and data exposure risks.
  • Perform penetration testing on privileged/admin accounts, evaluating authentication mechanisms and privilege escalation risks.
  • Test wireless network security (Wi-Fi penetration testing) at designated locations, identifying unauthorized access points and encryption weaknesses.
  • Provide detailed reports on vulnerabilities, risk analysis, and remediation steps to development and security teams.

Cybersecurity Specialist Duties: 

  •  Monitor cloud security postures in Azure and AWS, ensuring proper access controls, IAM policies, and network security groups are in place. 
  •  Implement and manage Intrusion Detection & Prevention Systems (IDS/IPS) and firewall security rules
  •  Perform continuous vulnerability scanning and remediation tracking across on-premise and cloud infrastructure. 
  •  Develop and enforce security policies, procedures, and incident response protocols
  •  Investigate security incidents, breaches, and anomalies, working with IT teams to mitigate risks. 
  •  Conduct security awareness training for internal teams on secure development practices and phishing defense. 
  •  Ensure compliance with ISO 27001, NIST, GDPR, SOC2, and other relevant cybersecurity standards

Skills and Personal Characteristics:

Technical Skills: 

  • 3-5 years of experience in penetration testing, cybersecurity, and cloud security assessments
  • Strong knowledge of penetration testing methodologies (OWASP, NIST, PTES). 
  • Hands-on experience in Azure & AWS security testing, IAM configurations, and cloud penetration testing
  • Proficiency in web application & API security testing (SQL Injection, XSS, CSRF, Broken Authentication, etc.). 
  • Strong understanding of privileged access security and active directory security (Azure AD & AWS IAM). 
  • Experience in wireless penetration testing, including WPA2/WPA3 assessments and rogue access point detection. 
  • Familiarity with penetration testing tools, such as: 
    • Burp Suite, OWASP ZAP 
    • Nmap, Nessus, OpenVAS 
    • Metasploit, SQLmap 
    • Wireshark, Aircrack-ng 
    • AWS Inspector, Azure Security Center 
  • Scripting proficiency in Python, PowerShell, Bash for automation and exploit development. 
  • Knowledge of Zero Trust security principles, IAM best practices, and endpoint security solutions

Soft Skills: 

• Strong analytical and problem-solving skills. 

• Ability to effectively communicate security vulnerabilities to technical and non-technical stakeholders. 

• Strong documentation and report writing skills, including detailed penetration testing reports. 

• Ability to work independently and collaboratively with security, IT, and development teams. 

Preferred Qualifications: 

  • Industry-recognized certifications (one or more preferred): 
    • OSCP (Offensive Security Certified Professional) 
    • CISSP (Certified Information Systems Security Professional) 
    • CEH (Certified Ethical Hacker) 
    • GWAPT (GIAC Web Application Penetration Tester) 
    • GPEN (GIAC Penetration Tester) 
    • AZ-500 (Microsoft Azure Security Engineer) 
    • AWS Certified Security – Specialty 

• Experience with threat intelligence, SIEM solutions, and red/blue team exercises is a plus. 

• Previous experience working with SOC teams and incident response

Apply

Post a Comment

Previous Post Next Post