Cyber Security Specialist

Job Summary:

We are seeking an experienced and highly skilled Senior Cyber Security Specialist to lead penetration testing, vulnerability assessment, and threat detection activities. The ideal candidate will have in-depth hands-on experience with industry-standard security tools such as Metasploit, Wireshark, Nmap, Kali Linux, and both SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools. The candidate will play a key role in identifying security risks, mitigating threats, and strengthening the organization's overall security posture.

Key Responsibilities:

• Perform penetration testing and exploit validation using tools like Metasploit and Kali Linux.
• Conduct network traffic analysis and packet inspection using Wireshark to identify vulnerabilities or anomalies.
• Use Nmap for network mapping, host discovery, and port scanning.
• Perform regular SAST and DAST scans on web and mobile applications to identify code-level and runtime security flaws.
• Identify, analyze, and report security vulnerabilities and misconfigurations.
• Develop and recommend remediation plans and track closure of security gaps.
• Collaborate with DevOps and application teams to integrate security into the SDLC.
• Participate in incident response and threat hunting as needed.
• Provide technical guidance on securing infrastructure, applications, and network layers.
• Stay up to date with the latest security threats, attack vectors, and mitigation techniques.

Required Skills & Qualifications:

• Proven experience (5+ years) in penetration testing, vulnerability assessment, and cyber threat analysis.
• Strong hands-on experience with Metasploit, Wireshark, Nmap, Kali Linux.
• Proficiency with SAST and DAST tools and methodologies.
• Deep understanding of security best practices, OWASP Top 10, and secure coding principles.
• Familiarity with common web and mobile application vulnerabilities.
• Strong analytical and troubleshooting skills.
• Excellent verbal and written communication skills.

Preferred Certifications (not mandatory):

• CEH (Certified Ethical Hacker)
• OSCP (Offensive Security Certified Professional)
• CISSP, GPEN, or similar industry-recognized certifications