Amaris 3.7 ★

ABOUT THE JOB
Deliver targeted and intelligence-led security penetration testing and certification platforms through a robust testing methodology and process.
Design and develop scripts, frameworks, tools, and the methods required for facilitating and executing complex attacks, emulating malicious actor behavior aimed at avoiding detection.
Responsible for operating security penetration testing and internal tools, researching and analyzing vulnerabilities, identifying relevant threats, making and recommending corrective action recommendations, and summarizing and reporting results.
Deliver continuous improvement through process re-engineering, technology transformation, integration, and exploitation to deliver optimized yet robust services to mitigate threats to the system.
Manage and influence stakeholders in understanding risk exposure and containment measures from vulnerabilities.ABOUT YOU
Academic degree in Cybersecurity, Information Technology, Computer Science, or related fields
5+ years of in-depth, hands-on working knowledge in penetration testing and vulnerability management in a global environment. Out of this a minimum of 3 years of professional experience as a lead penetration tester, reverse engineer, researcher, or threat analyst
A self-starter, independent with minimal supervision and strong hands-on experiences in penetration testing for various tech stacks, including cloud environment
Knowledge of the threat and vulnerability landscape, including malware, emerging threats, attacks, and vulnerability management
Web, Mobile Applications, and Operating Systems exploitation or enumeration techniques utilized today range from injection, privilege escalation, buffer overflows, fuzzing, and scanning
Programming languages such as Objective-C, Java, SWIFT, and Assembly, one/or more of the scripting languages, e.g., Perl, Python, PowerShell, or shell scripting
IOS and Android reverse engineering, disassembling, decompiling, and root/jailbreak detection evasion
Writing and demonstrating proof of concept work from an exploitation or attack perspective
Building and employing modules and tailored payloads for common testing frameworks or tools
Networking topologies, protocol usage, and enterprise hardware, including switches, routers, and firewalls, and their roles in security
Access control methodologies, network/host intrusion detection, vulnerability management tools, patch management tools, penetration testing tools, and AV solutions
Hardware hacking or building custom hardware for exploitation
Experience in cloud security, especially AWS, and a good understanding of DevSecOps principles, including Continuous integration and continuous deployment practices (CI/CD)
Experience in container and Kubernetes testing and working knowledge of security best practices
Strong communication skills (oral and written)
Ability to work in a fast-paced team environment
Detailed-oriented, Strong deductive reasoning, critical thinking, and problem-solving skills
A self-starter, independent with minimal supervision and strong hands-on experience in penetration testing for various tech stacks, including cloud environments.Benefits
13th-month salary
14+ annual leaves per year
Premium healthcare insurance, starting from your probationary period
Project reviews and yearly performance appraisals
Annual company trips
Teambuilding activities: Team lunch/dinner, events, celebrations, sports clubs (football, yoga, badminton, etc.)
International team with flexible working time + hybrid working
Tailor-made career path
Technical workshops and training courses
Mobility: Opportunities to be on-site abroad in our offices in over 60+ countries
Equal Opportunity
Amaris Consulting is proud to be an equal opportunity workplace. We are committed to promoting diversity within the workforce and creating an inclusive working environment. For this purpose, we welcome applications from all qualified candidates, regardless of gender, sexual orientation, race, ethnicity, beliefs, age, marital status, disability, or other characteristics.