1. Education: Bachelor's degree in Computer Science, Information Security, or related field.
2. Technical Knowledge:
- Proficiency in at least one programming language (PHP, Python, C/C++, Java) and understanding of the Software Development Life Cycle (SDLC).
- Strong knowledge of network protocols, web application security, cloud environments, and secure coding principles...
3. Experience:
- Security testing for Web, API, Mobile, Winform Applications, Network, Infrastructure, and OS.
- Identifying and assessing vulnerabilities in IT systems.
- Security standards such as PCI DSS, OWASP, and cybersecurity attack techniques.
- Reviewing security requirements in BRD and business processes before system development.
4. IT Proficiency:
- Proficiency with penetration testing tools and scripting languages (Python, Bash, PowerShell).
- Information gathering, vulnerability scanning, and security exploitation tools.
5. Skills:
- Documentation and report writing skills.
- Effective communication and presentation skills.
- Analytical and problem-solving abilities.
- Risk management skills.
- Understanding of exploit development, reverse engineering, and threat modeling.
6. Experience: Minimum of 2 years of experience in penetration testing or ethical hacking roles for web applications, mobile applications, server systems, and network devices.
7. Preferred Qualifications: Security certifications such as GPEN, LPT, CEH, OSCP, GWAPT or equivalent penetration testing certifications. Candidates with CVEs or contributions to cybersecurity projects are highly preferred.