hero

Find your next cybersecurity opportunity

240
companies
296
Jobs

Penetration Tester‍

Cybrella

Cybrella

Location unavailable
Posted on Tuesday, January 11, 2022

Penetration Tester

Leading and delivering penetration testing activities with our customers.
This includes the full lifecycle of an engagement from kick off call, testing, report creation, report delivery to debrief.

Roles & Responsibilities:
● You will be expected to understand all the threat vectors to each environment and properly assess them.
● Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
● Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
● Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
● Recognize and safely utilize attacker tools, tactics, and procedures.
● Develop scripts, tools, or methodologies to enhance Cybrella's red teaming processes.
● Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff.

Qualifications:
● The Penetration Tester should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
● 3-7 years' Experience In At Least Three Of The Following.
● Network penetration testing and manipulation of network infrastructure.
● Mobile and/or web application assessments.
● Email, phone, or physical social-engineering assessments.
● Shell scripting or automation of simple tasks using Perl, Python, or Ruby.
● Developing, extending, or modifying exploits, shellcode or exploit tools.
● Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE).
● Reverse engineering malware, data obfuscators, or ciphers.
● Source code review for control flow and security flaws.
● Strong knowledge of tools used for wireless, web application, and network security testing.
● Thorough understanding of network protocols, data on the wire, and covert channels.
● Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell.
● Ability to successfully interface with clients (internal and external).
● Ability to document and explain technical details in a concise, understandable manner.
● Ability to manage and balance own time among multiple tasks, and lead junior staff when required.