WebApp Penetration Tester (remote)

Overview

Remote
Full Time

Skills

FOCUS
Professional Services
Mentorship
Training
Professional Development
Web Applications
Threat Analysis
Documentation
Risk Analysis
Root Cause Analysis
Research
Software Security
Testing
Open Source
Security QA
Analytical Skill
Social Engineering
OSCP
Report Writing
Honesty
Work Ethic
HATS
Microsoft Outlook
Health Care
Instructional Design

Job Details

Position Description

This exciting opportunity is a full-time, permanent position with Converge within our Advanced Testing Services division. In this role, you will deliver on a variety of assessment projects and techniques with a focus on business outcomes and helping our clients reduce risk through technical testing. Professional services tasks will include working with diverse Fortune 1000 clients to fully test their environments. Our team invests heavily in mentorship, training & professional development. Converge is experiencing explosive growth and we can't wait for you to join our team!

Key Responsibilities
  • Business-focused technical testing - apply advanced technical methods to test, prove and validate technical controls within client environments
  • Conduct assessments of client-side web apps
  • Perform threat analysis, including identifying critical organization assets and services, relevant threat actors, and likely threat events
  • Perform pre-assessment research and preparation including reconnaissance, documentation and configuration review, and customer interviews
  • Document security weaknesses, including steps to reproduce
  • Analyze security findings, including risk analysis and root cause analysis
  • Research and propose practical remediation

Knowledge & Competencies
  • Experienced penetration tester and vulnerability assessor
  • Dynamic and static application security testing
  • Apply industry standards and best practices including the Open Source Security Testing Methodology Manual (OSSTMM) and the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework
  • Involvement in security-related projects / communities including CTFs
  • Analytic sharpness in thinking like a threat actor or attacker
  • Obfuscation/Encoding designed to bypass or defeat various controls or countermeasures
  • Conducting social engineering exercises with adherence to a defined rules of engagement document

Education & Qualifications
  • OSCP certification or equivalent advanced-level certs are required
  • OSWE certification is a big plus
  • Excellent report writing and consultative skills
  • Be authentic, trustworthy, straightforward and honest
  • Have a client-first mindset and the ability to interact professionally with customers
  • Possess a blue-collar work ethic with the willingness to wear many proverbial 'hats' and have a flexible outlook towards your work
  • Be competitive and have a performance-based drive to succeed, including self-sufficiency and the ability to work as part of a team

Work Environment
  • This position is remote within the United States

Total Rewards
  • We offer a comprehensive total rewards package that includes base salary, quarterly bonus, healthcare benefits, 401k match, company stock match program, PTO/holiday, training/development and so much more.