***We are unable to sponsor as this is a permanent full time role***
This role can be worked remote
A prestigious company is on the search for a Penetration Testing Engineer. This individual will be doing the penetration testing for infrastructure and develop applications to discover security vulnerabilities and weaknesses to provide remediation. They will be doing white and black box testing of in-house applications and systems.
- Perform white and black box testing of in-house applications and systems with a variety of commercial and opensource tools
- Devise creative and custom exploits, solutions, and techniques to discover vulnerabilities and exploitability of the targets
- Knowledge-share with team on techniques and results to continuously improve the service offering
- Create detailed report of findings and recommendations after testing is complete and present to stakeholders
- Stay up-to-date in current tools, techniques, and vulnerabilities to incorporate into testing practices
- 5+ years’ experience with penetration testing
- Demonstrable knowledge and experience of:
- Common attack techniques for web, mobile and services.
- Common application testing tools including, but not limited to Burp, SQL Map etc.
- OWASP Top 10 iPhone and Android application pen testing – specifically relating to reverse engineering and instrumentation toolsets
- Pen testing in Agile and/or Extreme development environments
- Ability to write scripts/tools to assist in testing
- Experience testing/analyzing applications and networks
- Understanding of encryption technologies.
- Understanding of common network protocols
- Working knowledge with various operating systems
- Ability to relay detailed technical concepts to a broad range of audiences, via written reports and presentations
- Passion for continuous learning, growth, and tinkering
- CISSP, GPEN, GWAPT, OSCP, and/or other industry certification is desired but not required