Penetration Tester

Deal Score0
Deal Score0

Merit 321

Position: Penetration Tester
Location: 100% Remote
Clearance: N/A

Summary

As a member of our clients penetration testing team you will leverage the most up-to-date, automated and manual penetration testing tools and techniques to perform discovery, enumeration, exploitation, and reporting during the engagement, as permitted by the client and called out in the rules of engagement1-on-1 mentorship, training and advice to help users land their next job. Pay only if you succeed in getting hired and start work at a high-paying job first. You assist in the development of rules of engagement, and reporting documentation and work with the client to provide remediation or mitigation strategies as requiredAd:

Ready to find your dream job? Click here.

Functional Responsibilities
• Conduct high quality automated and manual penetration testing of complex web applications as well as networks, servers, workstations, applications, APIs on-site, remotely and in a cloud environment, as required
• Evaluate weaknesses and attempt to bypass in-place information security controls to gain access to organizational resources
• Conduct security architecture reviews of the full stack including applications built on cloud (azure)Ad:

Unsure about your career? Use this free career assessment test to figure it out.

• Conduct manual and automated source code auditing for a variety of technologies
• Work closely with engineering teams to provide security guidance to engineers1-on-1 mentorship, training and advice to help users land their next job. Pay only if you succeed in getting hired and start work at a high-paying job first.
• Assist in creating automations and/or security tooling to scale security testing
• Thoroughly document findings, gaps, and remediation recommendations
• Contribute to team tooling, innovation, and improvements
• Communicate and collaborate with partner teams, service owners, information security, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings
• Serve as subject matter expert in areas of network security, application security, and attack and defense techniques and countermeasuresAd:

Stop spending hours editing your resume to fit job descriptions. 1,000,000+ job seekers have improved their odds of landing an interview by 80%. Optimize my resume now.

Required Skills/ Experience
• Must have a minimum of 3+ years of experience as a network and application penetration tester
• Have OSCP/OSCE, CREST or equivalent certification
• University Degree or College Diploma in Computer Sciences, Information Technology or a related field or equivalent combination of education and experience

Desired Skills/ Experience/ Certifications
• Demonstrated experience (minimum 3 years) in successfully performing independent hands-on penetration tests against external and internal networks, operating systems, web applications and more
• Demonstrated experience running and managing network and application vulnerability scanning and assessment tools
• Demonstrated technical knowledge of current vulnerabilities, exploits and tools (commercial and open source)
• Extensive technical knowledge of security industry best practices and procedures
• Demonstrated experience with security assessment frameworks and procedures, including following industry best practice methodologies for penetration testing and the ability to perform both manual and automated testing
• Experience in researching evolving exploits, techniques, and tools in support of penetration testing efforts
• Experience in developing security tools, using scripts and utilities to automate assessment and analysis activities
• Experience in performing manual and automated security code reviews as well providing effecting and executable remediation and mitigation recommendations
• Experienced in sustaining a penetration test target rich lab environment to serve as a training environment and an environment in which to develop and test new advanced exploits
• Experience in assisting in the sustainment of an up to dated penetration testing toolbox

Soft Skills
• Excellent verbal and written communication skills including the ability to write clear and concise assessment reports that include of findings, recommendations, road maps, and actionable plans
• Exceptional customer service, communication and interpersonal skills
• Ability to communicate and work closely with executives, peers and employees at all levels
• Ability and willingness to work outside of business hours (weekends/evenings)
• Strong time management and organizational
• High degree of integrity, competence, adaptability, resilience and initiative
• Maintain relevant industry certifications and demonstrate a willingness to work toward additional credentials

Desired Qualifications
• Experience testing mobile applications, social engineering, phishing, vishing, physical security, wireless networks, and more
• Consulting experience leveraging offensive methodologies during red and blue team penetration testing
• Experience with curating technical and non-technical documentation with reference to internal processes, procedures and
• Knowledge of security compliance policy, programs, processes, and metrics
• Researching and learning about information security trends, new testing techniques, and best practices, and knowledge sharing with the team

Professional offensive security certifications including OSWE, OSCE are beneficial

Non-vendor specific certifications such as:
• GIAC security certifications (GPEN, GWAPT, GXPN)
• Qualified/Licensed Penetration Tester (Q/LPT)
• Certified Penetration Tester (CPT)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Risk Management Professional (CRMP)
• Certified in Risk and Information Systems Control (CRISC)
• Information Systems Security Management Professional (ISSMP)

EEO

It is the policy of Merit321 to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations

To apply for this job please visit us.trabajo.org.

      Tech Jobs Here
      Logo

      Get Alerts on the Latest Job Posts in your Inbox- Daily!

       

       



       

      We will not spam you. Don't forget to add us to your contacts!