Company Name: Product Based Company

Work Model : Full time / Onsite

Location : Bangalore

Job Description Overview:

▪ Lead engagements from kickoff with product owners through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines.

▪ Minimum 3+ years of experience in product penetration testing.

▪ 3+ years of experience in web, mobile (Both Android & iOS) and thick client penetration testing domains. (Recommended to have expertise in more than 1 domain)

▪ Perform exploit and vulnerability research on Schneider electric products.

▪ Knowledge of TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred.

▪ Knowledge of at least one scripting language such as python, shell script, ruby, javascript etc.

▪ Research fuzz testing tools and conduct penetration test on a variety of Schneider Electric products via communication interfaces such as Modbus, Wi-Fi, Bluetooth, and others.

▪ Ability to develop detailed PoCs, train product team and promote security awareness.

▪ Stay up to date on the latest exploits and security trends. Who Are We The Schneider Electric Global Security Lab (GSL) performs testing to ensure that we deliver more secure products to our customers. Our Global Security Labs in Bangalore, India; Shanghai, China and Grenoble, France provide Code Scanning services and Penetration Testing services. Schneider Electric’s Global Security Lab is accredited by CREST for pen-test. Requirements

▪ Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. ▪ OSCP, OSCE, SANS GPEN, GXPEN, CRTE, CPSA, CRT or CEH certified.

▪ Good understanding of emerging technologies such as IoT and 5G

▪ Knowledge of programming languages such as C, C++, Java, .Net or Javascript.

▪ Ability to learn and adapt quickly

▪ Knowledge of Windows and Linux, basic security, and networking principles.

▪ Knowledge of reverse engineering tools, debuggers, and dynamic analysis techniques.

▪ Knowledge of OWASP, NIST, MITRE CWE etc. One or more of the following may serve as a distinct advantage (not strictly required):

▪ Hardware debugging skills

▪ Familiarity with testing embedded devices, OT/IoT protocols.

▪ Basic reverse engineering skills (Familiarity with IDA Free, Ghidra, etc.) ▪ Basics of ARM exploitation.

▪ Good in exploit writing.