You must have experience using testing tools for computer systems, networks, and other devices. You have the ability to create and perform test scenarios for pentesting infrastructure and applications. You will provide recommendations and solutions for exposures and defects discovered during testing, delivered as a report to management.
You have an advanced understanding of security concepts and security best practices, and an understanding of and familiarity with common code review methods and standards. You should have experience performing penetration testing and risk assessments against computer networks.
You should have a background with the Qualys, Tenable and OpenVAS vulnerability scanners, problem management skills, and familiarity with different security frameworks such as CIS, COBIT, ISO 17799 & 27001, NIST SP800-53, ITIL v2, HIPAA, FFIEC, NERC-CIP, PCI-DSS, and OWASP.
You should have advanced Windows and network knowledge, covering infrastructures such as VPN, LAN, WAN, wireless networks, network topologies, and access methods; hardware such as switches, routers, and media types; and protocols and services such as the OSI model, IPv4, IPv6, name resolution, networking services, and TCP/IP.
You should have knowledge of security fundamentals and be familiar with different types of threats, attack vectors, network vulnerabilities and attacks, user authentication, permissions, password policies, audit policies, encryption, cryptography, physical security, internet security, wireless security, and core security principles, as well as familiarity with security tools, technologies, and the threat landscape.
At Puffin Security, we enjoy contributing knowledge regarding security projects to complex organizations, as our team is composed of Certified Security Engineers who follow codes of conduct (the ISACA, (ISC)2 and ISSA codes of conduct, as well as the OSSTMM “Rules of Engagement”). For more information, contact us here or at email@example.com.