Key Responsibilities:
Penetration Testing and Red Teaming:
-
Conduct comprehensive penetration
testing and red teaming exercises on systems, networks, applications and
mobile to identify vulnerabilities and potential entry points for
attackers.
-
Develop and execute custom tools
and scripts to automate testing and exploitation processes.
-
Analyze and report on findings,
providing detailed explanations of vulnerabilities and recommended
remediation steps.
-
Simulate advanced persistent
threats (APTs) to test the resilience of security controls and incident
response capabilities.
-
ASM: Continuously discover and
catalog all assets, including hardware, software, and network components.
-
ASM: Monitor the attack surface
for changes and potential vulnerabilities, using automated tools and
manual assessments.
Threat Modeling and Risk Assessment:
-
Conduct threat modeling and
risk assessments to identify potential attack vectors and vulnerabilities
-
Develop and maintain a
comprehensive understanding of our systems, networks, and applications to
identify potential vulnerabilities
-
Provide recommendations for
remediation and mitigation strategies
Incident Response and Crisis
Management:
-
Participate in security
incident response and crisis management efforts as needed
-
Collaborate with incident
response teams to contain and remediate security incidents
-
Provide technical expertise and
guidance during incident response efforts
-
Security Research and Development:
-
Stay up-to-date with the latest
security threats and trends, and adapt testing methodologies accordingly
-
Develop and maintain a
comprehensive knowledge of industry-leading security tools and
technologies
-
Participate in security
research and development efforts to identify and develop new testing
techniques and methodologies
Benefits
