Penetration Tester Jobs in Bangalore - T & A Solutions
Penetration Tester
Job Description
Designation :-Penetration Tester with Infrastructure Focus
Location:- Bangalore
Salary :- Hike on Current ctc
Experience Minimum 1 Year
Gender:- Any
Qualification - Masters and PhD preferred
Roles and Responsibilities
- Create and maintain infrastructure for Penetration Testing Activities
o Buy Domain for campaigns Set up AWS/Azure/GCP Infrastructure Create & Maintain Post Exploitation framework (Cobalt Strike etc…)
Secure Servero Create secure methods of connection (Proxy, HTTP Forwarders,SMTP Relays etc..)
- Assist with penetration testing and other related security activities- Develop tools for automation
- Develop tools to help with any stage of the attack lifecycle- Develop operational standards of excellence- Ownership of Infrastructures used for Penetration Testers
Required Background
While professional penetration testing experience is preferred, in some cases we canaccept individuals who have worked in related cyber security professions, dependant on aptitude and thirst for knowledge- 1+ Years of Red Team experience (Adversary Emulation)- 1+ Years of Infrastructure penetration testing.- 1+ Years of Building infrastructure to support campaigns- Knowledge of building campaigns and tools used as part of a lifecycle(GoPhish, Cobalt Strike, Meterpreter, PowerShell Empire etc..)- In-depth knowledge and understanding of common C2 frameworks (e.g.Cobalt Strike, PoshC2, Empire).- In-depth knowledge and understanding of applications and networking.- An in-depth level of knowledge of Windows exploitation and Active Directory.
- A thirst for knowledge and a constant desire to push yourself- Experience working with and against many security products, ranging from perimeter security to endpoint protection tools.
- Ability to explain basic networking concepts (routing, ACL, load balancers,SSL/TLS, TCP) in order to provide application architecture feedback
- Development experience using Python, PowerShell, C, or C++- Understanding of common software security issues and remediation techniques (OWASP Top 10, SANS 25, Mitre ATT&CK, etc.)