- Good understanding of TCP/IP, OSI model, DNS, DHCP, VPN, routing, switching, firewalls, and common ports/protocols.
- Hands-on experience with tools such as Nmap, Nessus, Qualys, Nexpose, Metasploit, Wireshark, Netcat, Nikto, Hydra, and Kali Linux.
- Ability to perform port scanning, service enumeration, vulnerability validation, and basic exploitation.
- Knowledge of common network vulnerabilities such as weak SSL/TLS, default credentials, insecure protocols, SMB issues, outdated services, missing patches, and risky open ports.
- Ability to validate scan findings manually and reduce false positives.
- Basic understanding of CVE, CVSS, risk rating, impact, and remediation.
- Should be able to prepare technical findings with evidence, impact, and remediation recommendations.
- Should have thorough understanding on various Network security standards, frameworks and threat models.
Good to have: Basic scripting, firewall/configuration review exposure, AD basics, PCI DSS/ISO 27001 other compliance and benchmark exposure.
Certification: CEH/eJPT/Security+/PJPT/eCPPT certification.