COMPANY DESCRIPTION
ALTO Network is a leading payment infrastructure provider as well as the pioneer in payment solution by always bringing the most innovative and impactful technology to connect merchants or financial institutions with their customers to grow their businesses nationwide and beyond.
DESIGNATION : Offensive Security Associate
RESPONSIBILITIES
- Maintain confidentiality and integrity throughout the assessment process and adhere to responsible disclosure practices.
- Collaborate with team members to create proof-of-concept exploits and payloads for use during penetration testing engagements.
- Implementation and adherence to responsible disclosure practices
- Evaluate the effectiveness of security controls and defenses against real-world attack scenarios.
- Document findings from security assessments in clear and concise reports, including detailed descriptions of identified vulnerabilities, their potential impact, and recommended remediation actions.
- Risk/Findings audit to be fulfilled
- Ensure staff are informed and trained to support good corporate governance in their specific areas of work.
QUALIFICATIONS
- Penetration tests, vulnerability assessments, and security audits (VAPT)
- Red teaming exercises and adversarial simulation techniques.
- Metasploit, Burp Suite, Nmap
- Scripting languages (e.g., Python, PowerShell)
- MobSF (Mobile Security Framework)
- Drozer
- OWASP Mobile Security Testing Guide (MSTG)
- Hands-on experience with conducting penetration tests, vulnerability assessments, and security audits
- Familiarity with red teaming exercises and adversarial simulation techniques.
- Experience with reporting and documenting findings, including clear explanations of vulnerabilities and recommended remediation actions.
OTHER INFORMATION
- Minimum of 1 years of experience in offensive security roles
- Bachelor's degree in computer science, information security, or a related field. Master's degree preferred.
- Offensive Security Certifications: Offensive Security Certified Professional (OSCP), CompTIA PenTest+, eLearnSecurity Certified Professional
- Penetration Tester (eCPPT) or similar certifications highly desired.