Position:	Full-Time
Location:	Remote
Start Date:	June 1, 2023
Nationality:	Any

Windows Management Experts (WME) is looking for a Senior Penetration Tester role. As a Senior Penetration Tester, you will be responsible for assessing our client organization’s security posture by identifying vulnerabilities in their systems and networks. You will leverage your technical expertise and knowledge of penetration testing methodologies to identify weaknesses in a variety of systems, including web applications, mobile applications, cloud systems, and APIs. You will work closely with cross-functional teams to plan and execute penetration tests and provide detailed technical reports to stakeholders outlining the vulnerabilities and risks identified during testing.

To be successful in this role, you will need a strong technical background, including experience with penetration testing tools and techniques, as well as a deep understanding of network security protocols and web application architecture. You will also need to possess excellent communication skills, both written and verbal, as you will be responsible for presenting technical findings to stakeholders in a clear and concise manner.

That said, you will need to stay up to date with emerging cybersecurity threats and vulnerabilities and adapt your penetration testing methodologies accordingly. You will need to be highly self-motivated and able to work independently, as well as a collaborative team player who is able to work effectively with other members of the security team and stakeholders across the organization. Overall, as a Senior Penetration Tester, you will play a critical role in helping to ensure the security and resilience of the organization’s systems and data in the face of an ever-evolving threat landscape.

All in all, WME is looking for some exceptional communication and interpersonal skills in our new team member. The candidate’s toolbox must be diverse & complete. From being technically savvy to displaying a vigorous passion for learning beyond their traditional areas of expertise, the resource must prove to be an asset to the company.

Required SkillsQualifications/Education:

• 5+ years of penetration test experience.
• Degree in Computer Science, Information Technology, or related discipline from an accredited college or University required.
• Experience with penetration testing tools such as Metasploit, Nmap, and Burp Suite.
• Experience conducting penetration tests of mainframes, cloud systems, mobile, Software-as-a-Service (SaaS) and APIs.
• Knowledge of web application architecture and secure coding principles, and experience conducting code reviews to
• identify vulnerabilities.
• Familiarity with advanced penetration testing techniques, such as binary exploitation, heap spraying, and kernel-level exploitation.
• Experience with threat modeling and risk assessment methodologies, and the ability to apply them to prioritize and plan penetration testing activities.
• Knowledge of network security protocols, including TCP/IP, DNS, SSL/TLS, and VPN, and experience conducting network-based penetration tests.
• Familiarity with regulatory compliance frameworks, such as PCI-DSS, HIPAA, and NIST, and experience conducting penetration tests to assess compliance with these standards.
• Demonstrated experience writing and reviewing technical and non-technical.
• Ability to quickly grasp complex technical concepts and make them easily understandable in text and pictures.
• Excellent written skills in English.
• Strong working knowledge of Microsoft Office.

Responsibilities of the Desired Senior Penetration Tester:

• Plan and execute penetration tests of various systems, including web applications, mobile applications, cloud systems, mainframes, Software-as-a-Service (SaaS) platforms, and APIs.
• Analyze test results to identify vulnerabilities and provide detailed technical reports to stakeholders, including recommendations for remediation.
• Develop custom exploit code and payloads to validate vulnerabilities and demonstrate their impact to stakeholders.
• Collaborate with cross-functional teams, including developers, system administrators, and security analysts, to coordinate penetration testing activities and facilitate remediation of identified vulnerabilities.
• Provide technical guidance and mentorship to junior penetration testers to improve their technical skills and ensure consistent delivery of high-quality testing services.
• Develop and maintain a repository of custom tools and scripts to support penetration testing activities.
• Conduct threat modeling and risk assessments to identify potential attack vectors and prioritize penetration testing activities.
• Stay up to date with emerging cybersecurity threats and vulnerabilities and adapt penetration testing methodologies to address new threats.
• Collaborate with stakeholders to develop and implement secure coding practices and provide input on the security architecture of new systems.
• Participate in incident response activities, including forensic analysis and root cause analysis of security incidents.
• Develop and maintain relationships with external security vendors and researchers to stay up to date with the latest penetration testing techniques and tools.
• Present technical findings to both technical and non-technical audiences and provide recommendations for remediation in a clear and concise manner.

Core Values:

• Integrity (Doing What’s Right)
• Inclusion (Encouraging Diversity)
• Teamwork (Working Together)
• Excellence (Being Your Best)
• Accountability (Taking Personal Responsibility)

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.