Job DescriptionQualifications & RequirementsProven experience as a Security Analyst, Security Engineer, or Penetration Tester Strong understanding of securing corporate environments and business applications Hands-on experience with manual penetration testing and DAST tools/techniques Ability to analyze scan results and recommend clear remediation or mitigation plans Working knowledge of penetration testing tools and platforms (Kali Linux, Metasploit, Burp Suite, Nmap, Wireshark) Strong understanding of common vulnerabilities and attack vectors (SQL Injection, XSS, buffer overflows) and their mitigations Familiarity with standards and frameworks such as OWASP, CVE, CWE, SANS and NIST Understanding of Transport Layer Security (TLS) and secure communication mechanisms Foundational knowledge of hosting platforms, public cloud services, and enterprise networking Familiarity with secure coding practices and vulnerability management frameworks (OWASP) Proficiency in Python or Bash scripting for automation and security tasks Familiarity with network protocols and encryption concepts Understanding of regulatory and compliance frameworks (PCI DSS, GDPR) Continuous learning mindset with curiosity to explore new tools and techniques (HTB, TryHackMe, labs, self-learning) Responsibilities Security Engineering & Implementation Implement and maintain security controls across cloud infrastructure, web applications, and internal systems Support secure configuration of services, including access controls, secrets management, and API security Review and strengthen components related to identity, authentication, and transaction workflows Perform regular vulnerability scans and hands-on penetration testing Identify and exploit security weaknesses using both manual and automated techniques Develop and execute structured testing methodologies and test plans Threat Modelling & Risk Awareness Participate in threat modelling exercises and security design reviews for new features and system changes Identify risks and misconfigurations and partner with engineers to remediate them Track emerging vulnerabilities and evolving attack techniques Reporting & Remediation Prepare clear, detailed vulnerability reports with risk-based analysis Validate the effectiveness of implemented fixes Reduce false positives from tool-generated reports Communicate findings and remediation guidance to both technical and non-technical stakeholders Collaboration Work closely with engineering and product teams to embed security into everyday development Act as a trusted security advisor during application design and delivery
Job Title
Cyber Security Specialist