Cybersecurity Analyst

Job Description

• --------------------
• Perform **web application, API, mobile, network, and cloud penetration testing**
• Conduct **black-box, gray-box, and white-box testing**
• Identify vulnerabilities such as:
• + OWASP Top 10 (e.g., SQL Injection, XSS, IDOR)
• + Misconfigurations in cloud (Azure, AWS, OCI)
• Exploit vulnerabilities in a controlled environment to validate risks

️ Red Team & Adversary Simulation

• Execute **Red Team engagements** simulating real-world attack scenarios
• Perform **social engineering assessments** (phishing, vishing if allowed)
• Conduct **lateral movement, privilege escalation, and persistence techniques**
• Map findings to frameworks like:
• + MITRE ATT&CK

Reporting & Risk Management

• Prepare **detailed technical reports** with:
• + Proof of Concept (PoC)
• + Risk ratings (CVSS)
• + Business impact
• + Remediation recommendations
• Present findings to both **technical teams and management**
• **️ Tools & Technologies**
• Use tools such as:

+ Burp Suite, OWASP ZAP

• + Metasploit, Nmap
• + Nessus, OpenVAS
• + Wireshark
• Develop custom scripts using:

+ Python, Bash, PowerShell

• **️ Cloud & DevSecOps Security**
• Assess security in:

+ Microsoft Azure, AWS, Oracle Cloud (OCI)

• Perform:
• + Container security testing (Docker, Kubernetes)
• + CI/CD pipeline security assessments
• Integrate security testing into **DevSecOps pipelines**

Leadership & Mentorship

• Mentor junior penetration testers and analysts
• Review technical findings and reports
• Lead customer discussions and security workshops

Required Qualifications

Education

• Bachelor’s/Master’s in:
• + Cybersecurity
• + Computer Science
• + Information Security (or equivalent experience)

Experience

• **5–8+ years** in cybersecurity with strong focus on penetration testing
• Experience in:
• + Web & API security testing
• + Network & infrastructure testing
• + Cloud security assessments

• OSCP (Highly Preferred)

• CEH, eCPPT, eWPT
• CREST, GPEN