VAPT consultant

Experience      :            over 3 Year

Qualification  :           Graduate in Computer Science, IT, Electronics & Communication or   Information Security or Cyber Security or MCA

Preferred Certifications:        CEH, CEPT, OSCP, CMWAPT, GPEN, CPT, LPT

Professional Scope of work (JD): 

1. knowledge of the OWASP Top 10, SANS top 25, WASC security Standards
2. knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session fixation / hijacking etc.
3. Experience in manual application penetration testing of web-based applications, thick-client applications, mobile applications, web services, API’s
4. Perform Web & Mobile Application security assessment.
5. Conduct application penetration exercise using automated tools, customized exploits and manual analysis.
6. Conduct network penetration testing, system vulnerability assessment & security configuration review
7. Provides analysis and validation post remediation.
8. Practical knowledge of using common Pen Testing tools as mentioned below:
   1. Burp suite
   2. NMAP
   3. META Sploit
   4. Tenable Nessus
9. knowledge of following tools is a plus:
   1. Apktool
   2. Linux-Exploit-Suggester
   3. Sqlmap
   4. ZenMap
   5. Nikto
   6. Metasploit
   7. John the Ripper
   8. Wireshark
   9. Powershell-Suite

Preferred Criteria :

• Banking experience
• Transferable Iqama,
• Saudi Driving License, and familiarization with KSA job culture,