Pen Tester

Michelin

Pune, India

10-12 Years

Save

Posted 3 hours ago
Be among the first 10 applicants

Early Applicant

Job Description

- - - - - - - - - - - -

Key Responsibilities

The primary responsibility of this role will be to be part of the Blue team, in addition to fulfilling the penetration testing role.

Vulnerability Assessment and Penetration Testing (VAPT)
Conduct VAPT on Michelin applications and systems in compliance with ethical standards and recognized methods.
Evaluate vulnerabilities and assess their exploitability within Michelin IT ecosystem.
Threat Hunting
Detect vulnerabilities across the Michelin IT landscape and ensure appropriate ticket creation and resolution.
Continuously identify within Michelin exploitable bugs and proactively address them.
Development
Develop internal tools (scripts, software, APIs, web services) to enhance operational efficiency.
Automate repetitive tasks and improve existing workflows using custom scripts or software solutions.
Security Expertise
Provide security consultancy to various Michelin stakeholders (projects, supporting internal development teams) with vulnerability remediation.
Offer expertise on web technologies, Active Directory/Windows environments, and network systems security.
Collaboration and Coordination
Collaborate with Michelin Global Security teams to deliver training, coaching, and best practices.
Foster a culture of continuous improvement and proactive defense across teams.

Desired Profile

Technical Skills

Penetration Testing Expertise:

Hands-on experience with HackTheBox, TryHackMe, or similar platforms.
Experience managing Bug Bounty Programs as an Ethical Hacker using relevant tools.
Proficiency in Burp Suite and IDA Pro (for reversing).
Strong PowerShell scripting and general scripting capabilities.

Web Development & Security:

Understanding of web application development and deployment to simulate attacker perspectives.
Expertise in penetration tests on web technologies, Active Directory/Windows environments, and networks.
Familiarity with intrusion tests on industrial control systems is a plus.

Programming & Scripting:

Proficiency in languages such as Python, Java, Shell scripting, .NET, and PowerShell.
Development experience for building tools, automation scripts, or utilities to improve security testing workflows.

Network & System Security:

Deep understanding of network security principles and systems security.
Ability to detect and mitigate vulnerabilities effectively.

Personal Attributes

Initiative and Autonomy: Ability to work independently with minimal supervision.
Curiosity and Innovation: Strong curiosity to explore vulnerabilities and exploit potential bugs.
Collaboration: Adept at working in cross-functional, international teams and different time zones.
Communication Skills: Strong ability to articulate technical concepts to stakeholders effectively.

Preferred Experience

Experience: 10-12 years in cybersecurity roles with a strong focus on penetration testing, threat hunting, and tool development.
Certifications: Relevant certifications like OSCP, CEH, GIAC, or similar credentials are preferred.
Hands-On Exposure: Experience with web application and AD/Windows environment penetration tests and network intrusion detection.