Penetration Tester

icon Limassol
icon IT/Telecoms



On behalf of Melco Resorts & Entertainment a world leader in development and operations of casino gaming and entertainment casino resort facilities, GRS are seeking to recruit a Penetration Tester. This is an excellent opportunity for any individual who wants to work in a company that believes in the implementation of innovative products and services and is interested in attracting the best possible candidate.
Melco Resorts & Entertainment is a well-established international company that intends to offer the best entertainment experience that aims to appeal to a broad spectrum of customers and thereby become the leader of gaming industry in the region.
If you are seeking an exciting challenge where you can contribute to managing the vulnerability and secure configuration assessment process and activities to include planning, coordinating, and executing vulnerability and configuration scanning and remediation of valid scan results, and have the necessary skills and experience, then the Penetration Tester is an excellent career opportunity in Limassol.
  • Responsible to carry out Vulnerability Assessment and Penetration Testing to identify the weakness.
  • Assist in developing a cyber-threat & vulnerability management strategy relating to Network & application penetration testing and other security assessments.
  • Align vulnerability management and penetration testing functions with the organization’s overall business objectives by reducing information technology’s exposure to vulnerabilities.
  • Assist in managing penetration testing processes and procedures, and produce meaningful metrics and reports.
  • Assist in managing remediation including mentoring vulnerability management and penetration testers in working with Information Technology to architect solutions.
  • Responsible to conduct security assessment across a wide range of technologies.
  • Probe for vulnerabilities in web applications, fat/thin client applications and standard applications.
  • Pinpoint methods that attackers could use to exploit weaknesses and logic flaws.
  • Perform Custom exploit development.
  • Assist in building and incorporating Security as a process in the SDLC phases.
  • Research and develop testing tools, techniques, and process improvements.
  • Stay highly relevant by researching and discovering the newest security vulnerabilities and issues /threats.
  • Assist in reviewing and defining requirements for information security solutions.
  • Perform information security incident response and investigation activities.
  • Perform Forensic Analysis.
  • Assist in working on the improvements for security services, including the continuous enhancement of existing methodology, material and supporting assets.
  • 3+ years of relevant experience in penetration testing and security assessments.
  • Requires in depth experience and knowledge of enterprise IT concerns and niche technologies such as IOT, Blockchain, AWS etc.
  • Manual attack and penetration testing experience above and beyond running automated tools.
  • Attack signature fingerprinting and signature generation (Manual exploit payload analysis), and reverse engineering.
  • Incident Response/ Handling & Digital Forensics.
  • Understanding common software security issues and remediation techniques (OWASP Top 10, SANS 25 etc.).
  • Understanding penetration testing methodology (OWASP, OSSTMM, PTES, NIST 800-115 etc.)
  • A working knowledge of vulnerabilities and configuration settings and their exploitation to gain access to networks, applications, hosts, and desktops.  
  • Security engineering.
  • Threat Modelling.
  • Malware analysis.
  • Forensics analysis.
  • Reverse software engineering.
  • Application Design and Architecture.
  • Wireless security architectures, scanning, rogue detection and prevention and secure configurations.
  • Threat/Vulnerability Research.
  • Source Code Scanning/reviews.
  • Mobile Application Penetration Testing.
  • Phishing Campaigns.
  • Red Team engagements.
  • Conduct testing and analysis, including activities such as password strength and quality assessments. SIEM gap analysis, Web Application testing and exploitation, wireless network exploitation, phishing campaigns, data exfiltration, automated network share crawls for PII and other sensitive data, and cryptographic strength assessments.
  • Experience with MITRE ATT&CK to design and deliver attack simulation exercises.
  • Experience in developing customs scripts or programs to use for port scanning or vulnerability assessment.
  • Ability to perform internal and external penetration testing using automated tools and social engineering.
  • Ability to architect solutions for cross domain solutions to include Microsoft, *NIX, SCADA, and Gaming.
  • Perform, review, and analyze security vulnerability data to identify applicability and false positives.
  • Strong operating system, Database, networking and wireless security skills and deep understanding of TCP/IP networking.
  • Experience with programming languages such as C, C++, C#, asp, and .Net is a plus.
  • Knowledge of and familiar with Public Key Infrastructure and key and certificate management.
  • Knowledge of and familiar with identity and authentication management and their architecture.
  • Well versed in multiple security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others.
  • A bachelor’s degree in computer science and an information security or other similar technical certification such as Certified Ethical Hacker (CEH) or GIAC (Global Information Assurance Certification) or Penetration Tester (GPEN) or Offensive Security Certified Professional (OSCP) is highly desirable.
Due to the high volume of applications, we receive at GRS Recruitment, only shortlisted candidates will be responded to.
To apply for this position, please email your CV to Ross Pitman, quoting the above job reference or call +357 25 342 720 for further information.
Job Summary
  • icon
    9 May 2022
  • icon
  • 2485