At least 7 years of experience as a penetration tester
Proven ability to perform black box and white box testing
Proven hands-on experience in manual pen testing as a major part of the work profile
Hands-on experience with vulnerability scanners (static and/or dynamic) and frameworks, including but not limited to Burp Suite, Checkmarx, OWASP ZAP, Nmap, Nessus, Metasploit Framework
Good hands-on experience with API penetration testing of REST/SOAP-based interfaces
Perfect knowledge of OWASP methodology and of web vulnerabilities that you can easily explain and show how they work
Python or any other scripting language. Comfortable working in Linux/Unix environments
Desirable skills: PCI, NIST guidelines including PII, ISO 2700x, cloud security, virtualization, SecDevOps, containerized deployment
Extremely committed and self-motivated individual with the ability to deliver in challenging situations
Excellent written and oral communication
Assessing application and solution security controls against black box, grey box and white box attacks using both manual and automated (DAST) penetration techniques
Assessing penetration test results with development teams and contributing to risk mitigation actions
Source code analysis (client/server/database) for vulnerabilities using scanning tools (SAST)