Digiinn360 is looking for an experienced Cyber Security professional to join their Islamabad team. In this role, you will be responsible for identifying vulnerabilities across applications and systems to ensure strong protection against cyber threats. You will work closely with developers and DevOps teams to implement security best practices and perform penetration testing, playing a vital role in safeguarding the organization’s digital infrastructure.
Vulnerability Assessments: Conduct comprehensive vulnerability assessments and penetration testing on web applications, APIs, and network systems. Utilize tools such as OWASP ZAP, Burp Suite, Nessus, and Qualys to identify potential security risks. Collaboration with Development Teams: Work alongside development teams to promote secure coding practices. Provide expert advice on how to remediate discovered vulnerabilities effectively. Security Audits and Compliance: Carry out security audits and reviews to ensure adherence to internal security policies and relevant industry regulations, including GDPR, PCI DSS, and ISO 27001. Emerging Threats: Keep up to date with the latest security threats, vulnerabilities, and best practices by engaging with security communities and leveraging threat intelligence feeds. Security Reporting: Document and communicate findings clearly, recommending actionable mitigation strategies. Assist in prioritizing remediation efforts based on risk assessment.
A Bachelor’s degree in IT, Computer Science, or a related field is essential. Candidates should have 2 to 4 years of experience in security testing, ethical hacking, or penetration testing. Proficiency with security testing tools such as OWASP ZAP, Burp Suite, Nessus, Kali Linux, and Wireshark is required. Experience with both manual and automated security testing tools is important, along with scripting skills to develop custom exploits. Strong analytical abilities and attention to detail are necessary to identify security gaps accurately. Excellent problem-solving skills are needed to design practical security solutions. Effective communication and collaboration skills are essential for reporting findings and working closely with technical teams. Preferred Qualifications and Benefits Certifications like CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), or CISSP (Certified Information Systems Security Professional) are highly desirable. Familiarity with AI-powered code assistants, automated testing, and AI-driven DevSecOps tools will be considered an advantage. Proficiency in scripting languages such as Python, Bash, or PowerShell is valuable for automating security tests and exploiting vulnerabilities.
CEH