|Date Posted||September 29, 2018|
Perform white and black box testing of in-house applications and systems with a variety of commercial and opensource tools
Devise creative and custom exploits, solutions, and techniques to discover vulnerabilities and exploitability of the targets
Knowledge-share with team on techniques and results to continuously improve the service offering
Create detailed report of findings and recommendations after testing is complete and present to stakeholders
Stay up-to-date in current tools, techniques, and vulnerabilities to incorporate into testing practices
Mentor junior members of the team in techniques and best practices in ethical hacking and vulnerability analysis
Key Essential Skills
5+ years experience with penetration testing
Demonstrable knowledge and experience of:
Common attack techniques for web, mobile and services.
Common application testing tools including, but not limited to Burp, SQL Map etc
OWASP Top 10 iPhone and Android application pen testing – specifically relating to reverse engineering and instrumentation toolsets
Pen testing in Agile and/or Extreme development environments
Ability to write scripts/tools to assist in testing
Experience testing/analyzing applications and networks
Understanding of encryption technologies.
Understanding of common network protocols
Working knowledge with various operating systems
Ability to relay detailed technical concepts to a broad range of audiences, via written reports and presentations.
Passion for continuous learning, growth, and tinkering
Job Qualifications (desired)
CISSP, GPEN, GWAPT, OSCP, and/or other industry certification is desired but not required.