Lead Technical Security Auditor

A highly skilled and experienced Lead Technical Security Auditor with deep expertise in penetration testing, vulnerability scanning, and network security assessment. Possesses a strong understanding security auditing methodology. Committed to providing comprehensive and actionable security assessments to help organizations strengthen their defences.

Key Skills:

• Security Auditing: Expertise in conducting technical security audits across various systems, networks, and applications.
• Compliance Frameworks: Strong understanding of industry standards and regulatory requirements, such as ISO 27001, ISO LA 27001 certification, NIST, PCI DSS, and GDPR.RFP (Request for Proposal) and RFI (Request for Information)
• Penetration Testing: Expertise in conducting various types of penetration tests, including black box, grey box, and white box testing.
• Vulnerability Scanning: Advanced proficiency in using vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS) to identify security weaknesses.
• Network Scanning: Deep understanding of network scanning techniques and tools (e.g., Nmap, etc) for network discovery and vulnerability identification.
• Exploit Development: Knowledge of exploit development methodologies and techniques for identifying and exploiting vulnerabilities.
• Risk Assessment: Ability to assess and evaluate security risks and prioritize remediation efforts.
• Network Security: Knowledge of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.
• Operating Systems and Applications: Familiarity with various operating systems (Windows, Linux, macOS) and applications.
• Cloud Security: Experience with penetration testing and vulnerability scanning in cloud environments (e.g., AWS, Azure, Google Cloud Platform).
• Scripting and Automation: Proficiency in scripting languages (e.g., Python, PowerShell) for automating security testing tasks.
• Documentation and Reporting: Excellent documentation and reporting skills, with the ability to clearly communicate audit findings and recommendations.
• Communication and Collaboration: Strong communication, interpersonal, and collaboration skills. Ability to work effectively with technical and non-technical stakeholders.

Experience:

• Assisted in the development and implementation of security policies and procedures.
• Conducted numerous penetration tests and vulnerability assessments for various organizations, identifying critical vulnerabilities and security gaps.
• Worked with IT and security teams to remediate audit findings.
• Utilized a wide range of penetration testing tools and techniques to exploit vulnerabilities and assess security posture.
• Performed network scanning and analysis to identify network devices, and services.
• Developed and executed comprehensive penetration testing plans and reports.
• Provided expert guidance and training to clients on security best practices and remediation strategies.

Education:

• Bachelor s degree in computer science, Cybersecurity, or a related field.
• Relevant industry certifications (e.g., OSCP, GPEN, GXPN, CISSP, CEH).