1. Title : Penetration Tester, Security Assessment Tester, Ethical Hacker, Vulnerability Tester. etc
Perform active analysis of system to find any potential vulnerabilities, weaknesses, or compliance issues. Also Perform network availability with a network tool like an Avalanche(DDoS test/ fuzzing) etc. Penetration testing on system, web interface etc, Research testing methodology, Research recent vulnerability, set up test environment.
It could be related to research testing methodology or providing penetration service as a company’s monthly/annual security check/test as a consultant. Most of position requires applicant to have at least 3 years experience in information security field.
Knowing test environment/ methodologies, interfaces. Set up network & system as a test bed.. etc.
Web : Knowing popular web vulnerabilities (OWASP and others) and attack types code injection, CSRF, SQL injection.. etc /Tools : Burp Suite, ZAP, Nessus, SQLmap, Nmap, OWASP ZED, Cenzic, Qualys Guard
System : OllyDB, IDA Pro, LordPE, Knowledge in x86 Intel Assembly Language, Windows API(DLL injection, function hooking, Key logging), Configuring in Windows/*nix/DB
Hacking tools : Metasploit,
Preferable Programming / Scripting language : Python, Ruby, Perl, Bash..
Basic knowledge or experience in Linux(Kali Linux)
4. Related Certificates
Certified Cyber Forensics Professional (CCFP)
Systems Security Certified Practitioner (SSCP)
Certified Computer Examiner (CCE)
Certified Reverse Engineering Analyst (CREA)
IAC Certified Intrusion Analyst (GCIA)
EC Certified Incident Handler (ECIH)
Giac Cerified incident handler(GCIH )
Certified Ethical Hacker (CEH)
Licensed Penetration Tester (LPT)
Giac certified Pen tester Certified Penetration Tester (CPT)
GIAC Certified Enterprise Defender (GCED)
GIAC Systems and Network Auditor (GSNA)