Pen Tester

• Develop and execute exploitation scenarios against network, application, mobile, and wireless environments per scoped engagements with little to no supervision.

• Translate threat intelligence into realistic attack scenarios, mapping campaigns to specific threat actor groups

• Stay current on emerging offensive security techniques

• Continually evolve existing Tactics, Techniques and Procedures (TTPs) in use by the Red Team to match TTPs used by real world adversaries

• Conduct phishing and OSINT-driven social engineering campaigns.

• Develop and refine payloads and attack paths across Swift infrastructure.

• Link technical exploitation to risks associated with the business.

• Conduct physical security assessments to include RF site surveys and attempts to circumvent physical security controls

• Share techniques, lessons learned, and tool improvements with peers.

• Support Purple Teaming activities by working closely with the Security Operations Centre (SOC) to identify and help remediate detection gaps.

Do you have a Bachelor's degree?, University degree in Computer Science, Cyber Security, or a related field; or equivalent work experience., Typically has 4 to 5 years of relevant work experience in Penetration Testing or Red Team operations.

Certifications

Has obtained one or more of the following certifications:

Offensive Security Certified Professional (OSCP) or higher Offsec cert

Certified Red Team Operator (CRTO), * Deep sense of belonging to and contributing to a team yet can operate independently when necessary across phases of a campaign within different environments.

• Can chain vulnerabilities to achieve privilege escalation and lateral movement.

• Able to document technical details clearly for senior review.

• Strong knowledge of common technologies within an enterprise environment (e.g. Windows, Active Directory (AD), Linux, cloud environments, etc)