Penetration Tester

Responsibilities

Conduct network and application-level security assessments; use automated tools and manual techniques to identify and verify common security vulnerabilities Create comprehensive assessment reports that clearly identify root cause and remediation strategies Communicate with client personnel to gather information, clarify scope and investigate security controls Provide support to the company's security competence through information researches, tool creation, process improvement and other activities

Requirements

3+ years of experience in IT 2+ years of experience in information security (as a penetration tester, security analyst, etc.) Solid understanding of the existing types of web application vulnerabilities and security threats Ability to deliver projects using well-defined methodology for network and application-level vulnerability assessments and penetration tests Experience with specialized tools for manual and automated penetration testing (BurpSuite, Sqlmap, Nmap, Metasploit, Nessus/OpenVAS, Wireshark, etc.) Experience in developing your own auxiliary programs in any programming language Familiarity with various technologies and architectures (Linux, Windows, Active Directory, cloud environments, etc.) Ability to work well with customers, self-manage though difficult situations, be focused on client satisfaction Security certifications ( OSCP, OSWE, eWPTX, CRTO, CompTIA, etc.) Good spoken and written English

Nice to have

Knowledge of cryptography Knowledge of the basics of databases and skills in working with a DBMS (one of: MSSQL, Oracle, MySQL, PostgreSQL, etc.) Experience in reverse engineering and source code analysis Familiarity with security standards (PCI DSS, ISO27000, GDPR, etc.) Experience in writing specialized articles and participating in conferences Useful links

---