AISB-499 Penetration testing service - NPCL Support

• Conduct web application and IT infrastructure penetration testing using recognized methodologies and tools.
• Design and assess secure network architectures.
• Identify and evaluate vulnerabilities across operating systems, software, protocols, and networks.
• Research and assess emerging security technologies and products.
• Administer and secure UNIX and Windows systems.
• Develop scripts in Python, Go, PowerShell, or shell scripting languages to support security testing and automation.
• Analyze malware infection techniques and implement protection strategies.
• Formulate risk mitigation plans and communicate findings effectively to stakeholders.
• Produce structured technical reports including executive summaries, detailed findings, and remediation plans.

• Bachelor of Science (BSc) in a technical field with substantial IT content from a nationally recognized university.

• Alternatively, at least 10 years of progressive experience in cybersecurity-related roles may substitute for formal education.
• Minimum of 3 years of hands-on experience in:

• Web and infrastructure penetration testing
• Network security architecture
• Vulnerability assessment
• Security product evaluation
• System and network administration (UNIX and Windows)
• Use of penetration testing tools and methodologies
• Scripting (Python, Go, PowerShell, shell)
• Cryptography, authentication protocols, and malware protection

• Certifications such as OSCP, OSCE, OSWE, GPEN, CREST, GXPN, GWAPT or equivalent.
• Familiarity with risk analysis methodologies.
• Experience in international environments, especially those combining military and civilian elements.
• Understanding of complex organizational structures and interrelationships.

• Proficiency in English (written and spoken) is essential.
• Knowledge of a second NATO language is desirable.

AbAKUS