JOB DESCRIPTION / ROLE
- Perform Penetration testing Grey Box/BlackBox
- Being Up To Date with the latest vulnerabilities & exploits.
- Able to write detailed technical penetration testing reports highlighting the detailed steps of exploitation & mitigation.
- Able to write scripts for proof-of-concept for any discovered vulnerabilities.
- Some code writing skills , it is necessary for the remediation to be able to demonstrate the vulnerabilities discovered and how to mitigate.
- Familiar with OWASP to 10 and how to exploit each discovered vulnerability.
- Familiar with mobile application penetration test and owasp top 10 vulnerabilities.
- Familiar with network penetration testing and how to demonstrate his proof of concept without causing any severe impact to the environment.
- Familiar with the IT environments and why every environment is being used , e.g: Production, Pre-Production.
- Familiar with change requests and how to analyze them to perform correct assessment.
- Familiar with penetration testing operating systems like Parrot, Kali Linux, Black Arch
- Familiar with penetration testing tools for web applications ( BurpSuite ).
- Familiar with vulnerability discovery tools (Nessus, Qualys, OpenVAS)
- Familiar with penetration testing concepts like service banner grabbing , threat, port-scanners.
- Familiar with dev-sec-ops and CI/CD concepts like pipeline,change request, dataflow diagram.
- Familiar with programming languages like Javascript, PHP & .NET Framework.
Requirements:
- Able to communicate properly and prove his idea in the simplest form and most accurate way.- Good knowledge of Arabic or English language is a must.
- Able to commit into a deadline.
- Able to work under pressure.
- Offensive Security(OSCP,OSEP,OSWE) or SANS offensive security related courses is a must.
ABOUT THE COMPANY
Saudi Networkers Services, incorporated in 2001 with an aim to provide the world class business and consulting services through a combination of market insight, technical excellence and unrivalled agile methodology.
Our success stems from building strong relationships and trusted partners, which enabled us delivering exceptional services to public sector, as well as some world's leading organizations, in Telecommunication, Information Technology, Cyber Security, Banking, Energy, Utilities and various other industry arenas.
We collaborate closely, ideate that how the work gets done, while working alongside businesses to collaborate on growth and applying breakthrough innovations, that drive exponential impact, managed by teams specialized in their assigned industry sectors.