Senior Penetration Tester

Benefits

Additional Information

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Penetration Tester is an advanced subject matter expert responsible for assessing and evaluating the security posture of the company's information systems, networks, applications and infrastructure. This role involves conducting rigorous and complex penetration testing and ethical hacking activities to identify vulnerabilities and potential weaknesses for exploitation. This role collaborates with cross functional teams and provides strategic security recommendations and assists in strengthening the organization's overall cybersecurity defenses. The Senior Penetration Tester serves as a mentor to junior members and is highly experienced in relevant exploits, tooling, exploit writing and is a pivotal role in the company's continuous assessment program. Key responsibilities: Plans, executes and manages complex penetration testing engagements on various IT assets, including networks, applications and databases. Conducts simulated cyber-attacks, including social engineering, to identify vulnerabilities and assesses the organization's resilience to cyber threats. Performs penetration tests against internal and external facing systems. Analyzes and interprets penetration test results and provides detailed reports to relevant stakeholders. Provides input to improve the quality and effectiveness of tests in a highly scaled and global environment. Articulates complex technical risks through creation of reports and delivering presentations to key stakeholders. Works with Security DevOps teams to test the orchestration and automation processes and platforms, feed results into a testing program. Supports the assessment risk and the development and/or recommends appropriate mitigation countermeasures based on empirical testing. Provides comprehensive technical expertise with web, application and database vulnerability testing. Supports the development of the security automation framework and the implementation roadmap. Provides actionable security recommendations and mitigation strategies to address identified vulnerabilities. Ensures that penetration testing activities align with relevant industry standards, compliance regulations, and best practices and to ensure program integrity and independence within the organization. Contributes to any security awareness training and education programs to promote a culture of cybersecurity within the organization. Stays up to date with the latest cybersecurity threats, attack vectors, and defensive technologies to continuously improve testing methodologies. Mentors and guides less experienced members of the penetration testing team, sharing knowledge and best practices. Crafts payloads and executables to specific environments using obfuscation techniques to evade detection from advanced EDR systems. To thrive in this role, you need to have: Ability to work independently and manage multiple projects within remote environment. Demonstrates a strong ability to engage with various stakeholders, have a team-based approach and work towards share goals and outcomes. Ability to think outside the box and a passion to improve your skills and drive innovation. Ability to compromise systems and demonstrate ways to laterally move post compromise. In-depth knowledge of common security assessment methodologies, such as OWASP, PTES, or NIST SP 800-115. Strong understanding of various operating systems, network protocols, and application security. Advanced proficiency in using penetration testing tools and frameworks, such as Metasploit, Burp Suite, Nmap, and Wireshark. Advanced knowledge of security assessment tools and technologies used to evaluate web applications, databases, and network infrastructure. Excellent analytical and problem-solving skills to identify and exploit vulnerabilities effectively Strong written and verbal communication skills to deliver clear and concise reports and recommendations to stakeholders. Ethical and professional conduct with a commitment to confidentiality and data privacy. Academic qualifications and certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or related field. Security related certifications such as OSWE, OSEP, OSCP, OSCE, CRTP, GPEN, or CREST is desirable. Required experience: Advanced penetration testing experience and ethical hacking gained within a similar global environment. Advanced experience with both commercial and open-source security tools and scripting languages. Advanced exposure to security testing scenarios e.g. Capture the Flag / Red Team / Blue Team is desirable. Advanced experience with various testing platforms e.g. Hack the Box / Vulnh

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at nttlimited? Share your experience