What You'll Do

Performs penetration testing and attack simulations on business-critical infrastructure including internal servers, networks and applications to identify and resolve security flaws. Experiments with various methods attackers could use to exploit information security vulnerabilities. Uses standard methodologies and techniques for conducting penetration testing, including developing standard toolsets and automating testing. Completes security testing activities Completes threat assessment reports that outline penetration test findings and presents findings to management. Verifies potential targets for exploit

 

 

Your Qualifications & Skills

5+ years of professional experience in penetration testing of servers and network devices. 5+ years of combined experience in at least three of the following: security testing, systems development, systems administration, network administration, scripting, security testing automation, attack simulation. Pride in your work and a desire to delight the customer motivates you to take initiative, responsibility and ownership of your projects. A self-starter who can take a bit of directional input and then drive projects autonomously [but understands when to ask for help]. A positive and resilient personality - you must be able to embrace feedback and have a desire for continuous iteration and improvement. Fluent level of spoken and written English. Flexibility to work with geographically distributed teams. Willingness to work 3 days a week from the office.

 

  Nice to have

Scripting and coding skills (Java, Python, Bash). Experience with OCI, or other cloud platforms. BS or MS in Computer Science, Computer Security or Computer Engineering. Relevant industry certifications such as OSCP/ CREST CRT, CREST CCT Inf/App, OSCE, CISSP, GSEC, GPEN, GCFW, GWAPT, GAWN or equivalent.