Description:
Key responsibilities:
- Perform internal technical assessments involving evading defensive technologies such as Network Access Control, firewalls, IPS/IDS systems, SIEM, EDR, Email-filters etc
- Configure and safely utilize attack tools, tactics, and procedures against authorized OISSG client infrastructure.
- Develop scripts, tools, or methodologies to enhance OISSG's penetration testing capabilities.
- Conduct tactical assessments that require expertise in security (Internal network), threat analysis, internal and external network architecture, and a wide array of commercial and custom products
Required Qualification, Skills & Experience:
- 3 to 5 Year of VAPT consulting experience.
- OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, GXPN,CREST or Equivalent certifications.
- Experience with Internal VAPT and Red teaming exercises.
- Experience in active directory (both on-premises and azure) assessments and replicating real work attacks such as Golden SAML attack, Constraint delegation attacks etc.
- Experience with network OS, Windows/ *nix/ MacOS, network communications protocols, virtual environments, cloud environments, mobile OS (Android/iOS) and containerized platforms
- Understanding of OWASP, the MITRE ATT&CK framework and the software development lifecycle (SDLC)