Connecting linkedin



Senior Penetration Tester

  • Location


  • Sector:


  • Job type:


  • Contact:

    Gerald Mitter

  • Contact email:

  • Salary high:


  • Salary low:


  • Job ref:


  • Published:

    about 1 year ago

  • Expiry date:


  • Startdate:


Penetration Tester Depending on the LEVEL the candidate is  at than we could specify the title: • Penetration Tester / : (Consultant or Senior Consultant - Internally) • Penetration, Risk & Vulnerability Specialist: (Lead Consultant – Internally) Responsibilities • Perform formal hands-on penetration tests and vulnerability assessment of complex applications, operating systems, wired and wireless networks, and mobile applications/devices • Design, create, and maintain new penetration tools and security testing plans • Develop scripts and programs for automated penetration and other security testing on networks, systems and applications • Draft project proposals that communicate to the client the details and scope of the project. • Probe for vulnerabilities in web applications, fat/thin client applications and standard applications • Pinpoint methods that attackers could use to exploit weaknesses and logic flaws • Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats • Employ social engineering to uncover security holes (e.g. poor user security practices or password policies) • Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies • Research, document, discuss, and write security findings with management and IT teams and produce actionable, threat-based, reports on security testing results • Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk • Review and define requirements for information security solutions • Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators • Foster and maintain relationships with key stakeholders and business partners • Provide feedback and verification as an organization fixes security issues • Act as a source of direction, training, and guidance for less experienced staff Qualifications • Previous working experience as a Penetration Tester for 3 years • BA in Computer Information Systems, Management Information Systems or similar relevant field • Ethical Hacker Certification Preferred • In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) • Hands on experience with testing frameworks such as the PTES and OWASP • Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud • Critical thinker and problem solver • Excellent organizational and time management skills • Excellent communication and report writing skills • Must be self-starter, eager to take the initiative • Have understanding of, and experience in, evaluating nation-state, hacktivists, and cybercriminal capabilities and activity.