Azure Cloud Penetration Tester

Nave Security LLC - Cambridge, MA

posted 8 days ago

Full-time
Cambridge, MA

About the position

The Azure Cloud Penetration Tester at Nave Security LLC is responsible for conducting comprehensive penetration testing and security assessments on Azure cloud infrastructure, services, and applications. This role involves identifying security weaknesses, developing custom exploitation techniques, and providing detailed reports on findings to enhance the security posture of Azure environments.

Responsibilities

  • Perform in-depth penetration testing and security assessments on Azure cloud infrastructure, services, and applications
  • Conduct vulnerability scans and analyze results to identify security weaknesses
  • Develop and execute custom exploitation techniques and tools specific to Azure environments
  • Assess Azure identity and access management configurations, including Azure AD and role-based access controls
  • Evaluate security of Azure storage services, databases, and data protection measures
  • Test Azure networking components, including virtual networks, firewalls, and load balancers
  • Analyze Azure security controls and compliance with industry standards and best practices
  • Provide detailed reports on findings, including risk assessments and remediation recommendations
  • Stay up-to-date on the latest Azure services, security features, and attack techniques
  • Collaborate with development and operations teams to improve cloud security posture

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, or related field
  • 3+ years of experience in penetration testing, with a focus on cloud environments
  • In-depth knowledge of Azure architecture, services, and security features
  • Proficiency in using common penetration testing tools and frameworks
  • Strong understanding of Azure ecosystem, web application security, and network protocols
  • Experience with scripting languages such as PowerShell, Python, or Bash
  • Familiarity with compliance standards such as NIST, ISO 27001, and CIS benchmarks
  • Excellent analytical and problem-solving skills
  • Strong written and verbal communication abilities
  • Relevant certifications such as CARTP, PNPT, or Azure Security Engineer

Nice-to-haves

  • Certified Azure Red Team Professional (CARTP)
  • GIAC Cloud Penetration Tester (GCPN)
  • Azure Security Engineer Associate (AZ-500)
  • Security, Compliance, and Identity Fundamentals (SC-900)
  • Identity and Access Administrator Associate (SC-300)
  • Cybersecurity Architect Expert (SC-100)
  • Azure Administrator Associate (AZ-104)

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service