Penetration Tester with Source Code Analysis (Remote)
Must Have:
- Seeking candidates with solid expertise in manual web application penetration testing and manual secure code review.
- Expertise in performing manual test case scenarios is a must.
- Manual identification of vulnerabilities in source code is a must.
Not Looking:
- We are not looking for tool-dependent SAST and DAST resources.
- False-positive review after SAST & DAST tool-based scanning will not be considered.
Key Areas:
- Perform manual security code review against common programming languages.
- Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications.
- Formal programming experience in any language is a must.
- Create new testing methods to identify vulnerabilities and entry points that attackers may use to exploit applications, networks, and systems.
Good to Have:
- One or more major ethical hacking certifications (not mandatory but preferred): GWAPT, CREST, OSCP, OSWE, OSWA.
- Provide technical leadership and advice to team members on penetration test engagements.
- Converse with technical and non-technical audiences to articulate testing processes, techniques and results.
- Partner with the Cyber teams to develop new testing techniques, automation for testing, and marketing collateral to support the practice, and mentor junior and offshore team members on tools and techniques for performing tests.