Pentester Lead
hace 3 semanas
.Job Description: DXC Technology is a global professional services company whose mission is to lead the digital transformation of our clients by advising and guiding them in the application of technology to obtain the best results and increase the competitiveness of their companies. With more than 130,000 professionals and expert technologists, collaborating in more than 70 countries together with an exceptional network of partners, we offer advanced IT services and solutions. In Spain, we are one of the main leaders in the IT market. We have nearly 8,000 professionals, distributed in thirteen locations, with centers of excellence in cutting-edge technologies such as Cloud, Business Intelligence, AI, or Automation among many others, serving more than 200 customers from all industries in the public and private sectors. We work with leading companies in the country that trust us to guide their digital transformation. We develop active policies of diversity and inclusion of people with disabilities and we are proud to have a representation of approximately 49% of female professionals. At DXC Spain we are looking for a Pentester Lead to join our great team of Security Iberia. Job Description The Iberia Cybersecurity Team is looking for a professional with high tech experience in pentest exercises and valuable in red team exercises. We want to reinforce our offensive services by energizing a new offensive unit in Iberia; for this reason experience in business aspects, team leadership and contact with clients is highly valued. Requirements: Experience in offensive cybersecurity, including penetration testing and/or red teaming. Experience in pentest and/or red team exercises. Advanced English level and good communication skills, able to address stakeholders of varying technical backgrounds. Stay up to date with the latest trends in the offensive field of cybersecurity. Knowledge of persistence tools and Command and Control platforms, such as Cobalt Strike or Empire. Experience with initial access and reconnaissance tools, including Blood Hound. Experience in bash/shell scripting, Python, and other programming languages. Experience with credential extraction and lateral movement tools and techniques, such as Mimikatz, CrackMapExec, SharpRDP, or similar. Familiarity with security frameworks and methodologies such as MITRE ATT&CK, Cyber Kill Chain, OWASP, and NIST. Tasks: Offering guidance and mentoring to adjacent teams and team members. Understanding the purpose of the assets to be pentested, learning their business relevance, and identifying worst-case scenarios for focused exploitation. Executing penetration test activities, documenting all actions, and employing current TTPs used by real-world attackers. Documenting penetration test results, including technical documentation. Presentation of results to clients at different levels