Security specialist ict

Role purpose: Strengthen organizational security by proactively identifying, exploiting, and helping remediate vulnerabilities across applications, infrastructure, and cloud environments through ethical hacking and adversary emulation. Core responsibilities - Plan and execute penetration tests (web, API, mobile, network, cloud) and red team engagements. - Perform vulnerability research, exploit validation, and attack-path analysis to demonstrate real-world risk. - Develop and maintain tooling, scripts, and automation for reconnaissance, testing, and reporting. - Document findings with clear evidence, impact, and prioritized remediation guidance. - Partner with engineering and security teams to validate fixes and improve secure design. - Support threat modeling, security assessments, and continuous security improvement initiatives. - Contribute to security awareness by sharing tactics, techniques, and lessons learned. Required skills - Strong knowledge of offensive security methodologies (PTES, OWASP), MITRE ATT&CK, and common attack chains. - Hands-on experience with web and network exploitation, authentication/authorization flaws, and privilege escalation. - Proficiency with common tools (e.g., Burp Suite, Nmap, Metasploit) and scripting (Python, Bash, PowerShell). - Understanding of cloud security concepts (AWS/Azure/GCP), IAM, and container/Kubernetes attack surfaces. - Ability to write clear, actionable reports and communicate ris...