Cyclad is a company specializing in the recruitment of qualified IT professionals. We operate in France, Poland and Morocco. We focus on transparency and on staying close to the experts who join us.
The Penetration Testing Expert will:
· Execute web application penetration tests to identify vulnerabilities such as input validation issues, authentication flaws, and access control issues.
· Assess web applications against acknowledged security best practices such as OWASP Top 10.
· Conduct network and system-level penetration tests to identify vulnerabilities such as lack of patching, weak security configurations, and weak passwords.
· Utilize security tools such as Kali Linux, Nmap, and Burp Suite to conduct manual and automated security testing.
· Document testing procedures and results and provide detailed reports to stakeholders on vulnerabilities identified and potential impact.
· Work with the security team to recommend and implement remediation plans, and with IT teams to ensure that assessments and remediations do not impact business operations.
· Share Pentest knowledge and methodology with the other members of the Pentest team.
🏅 QUALIFICATION
Technical & functional skills
· Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field.
· Experience with security assessment methodologies such as risk assessment, vulnerability assessment, and threat modeling.
· At least 5 years of experience in penetration testing and vulnerability assessments.
· Relevant certifications related to penetration testing.
· Proficient in vulnerability assessment tools (e.g., Nmap, Nessus, Burp Suite, Metasploit)
· Strong understanding of network protocols and architectures (TCP/IP, DNS, HTTP/S)
· Skilled in manual exploitation techniques and writing proof-of-concept exploits
· Experience with web application security testing (OWASP Top 10, API fuzzing, authentication bypass)
· Familiarity with Windows, Linux, and macOS environments
· Scripting ability in Python, Bash, PowerShell, or JavaScript
· Knowledge of Active Directory, LDAP, and privilege escalation techniques
· Ability to document findings and deliver clear, actionable reports
· Understanding of cloud security (AWS, Azure, GCP) and container environments (Docker, Kubernetes)
· Communication skills to handle different stakeholders (IT, business, security teams).
· IT security expertise.
· Ability to gather and analyze data and translate it into actionable insights.
· Ability to work well in a team and cross-functional environment.
· Ability to work with people from different cultures and environments.
Languages
· English – Mandatory.
· French – Optional.