About the role
A White Hat hacker tests systems and networks by trying to break into them. They are hackers, but their talents are being used to improve Cyber Security. Being hackers, they are familiar with the tactics that malicious hackers use to compromise systems; White Hat hackers try to find the vulnerabilities before the bad guys do.
Will act as an ethical white hat attacker (red teamer) to simulate cyber-attacks, and/or as defensive cybersecurity personnel (blue teamer) to harden against simulated attacks. Develops and prepares penetration testing Rules of Engagement, test plans, and reports. Provides recommended remediation actions to lower overall risk exposure, as required. Provides technical expertise on penetration testing tools and the simulation environment.
Knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding application architecture, design, and functionalities with an interest in performing penetration testing of diverse and challenging IT systems and applications.
- Researching the intended application or system target via both open-source and dark-web channels
- Scanning target networks and systems with commercial, open-source, or custom vulnerability scanners
- Identifying potential vulnerabilities that can be exploited
- Designing a plan of attack based on the vulnerabilities, which can include exploiting software vulnerabilities, systemic vulnerabilities, input/output manipulation, or any combination of those factors
- Testing business logic vulnerabilities
- Bypassing existing security controls such as one-time passwords, tokens, etc.
- Able to develop scripts (e.g. Python, Shell, PowerShell, Ruby, Perl, etc.) to be used as a payload and to exploit vulnerabilities
- Drive remediation by outlining a defence-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and countermeasures.
- Technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience.
What you’ll bring
- Deep knowledge of network protocols (IPv6, DNS, HTTP, etc.) and accompanying tools (Wireshark, tcpdump, etc.)
- Understanding of network administration of Routers and Switching technology (CCNA a plus)
- Understanding of and the ability to perform penetration testing
- Understanding of penetration testing tools and techniques (Kali, Backtrack, Metasploit)
- Understanding of how malicious software works (malware, trojans, rootkits, etc.)
Candidates should possess any one of the following industry certifications:
- CISSP – ISC2
- Offensive Security Certified Professional
- Certified Ethical Hacker
- Certified Pentester
- Web Application Penetration Tester (GWAPT)
- Exploit Researcher and Advanced Penetration Tester (GXPN)
What we’ll offer you
We strongly believe that everybody’s career path is different. We will proactively support your professional development and accelerated career progression – including opportunities to grow your capability and deliver. We work in an environment that encourages entrepreneurial spirit, and although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.
Why we’re different
At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often ground-breaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too.
Capgemini is proud to represent nearly 130 nationalities and the cultural diversity that brings. Our holistic definition of diversity extends beyond gender, gender identity, sexual orientation, disability, ethnicity, race, age and religion. Capgemini views diversity as everything that makes us who we are as an organization, including our social background, our experiences in life and work, our communication styles and even our personality. These dimensions contribute to the type of diversity we value the most: diversity of thought.
A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients’ opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2018 global revenues of EUR 13.2 billion. People matter, results count.