Senior Penetration Tester

WME Requires Senior Penetration Tester

 

Position:
Full-Time
Location: 
Remote
Start Date: 
June 1, 2023
Nationality:
Any

Windows Management Experts (WME) is looking for a Senior Penetration Tester role. As a Senior Penetration Tester, you will be responsible for assessing our client organization’s security posture by identifying vulnerabilities in their systems and networks. You will leverage your technical expertise and knowledge of penetration testing methodologies to identify weaknesses in a variety of systems, including web applications, mobile applications, cloud systems, and APIs. You will work closely with cross-functional teams to plan and execute penetration tests and provide detailed technical reports to stakeholders outlining the vulnerabilities and risks identified during testing.

To be successful in this role, you will need a strong technical background, including experience with penetration testing tools and techniques, as well as a deep understanding of network security protocols and web application architecture. You will also need to possess excellent communication skills, both written and verbal, as you will be responsible for presenting technical findings to stakeholders in a clear and concise manner.

That said, you will need to stay up to date with emerging cybersecurity threats and vulnerabilities and adapt your penetration testing methodologies accordingly. You will need to be highly self-motivated and able to work independently, as well as a collaborative team player who is able to work effectively with other members of the security team and stakeholders across the organization. Overall, as a Senior Penetration Tester, you will play a critical role in helping to ensure the security and resilience of the organization’s systems and data in the face of an ever-evolving threat landscape.

All in all, WME is looking for some exceptional communication and interpersonal skills in our new team member. The candidate’s toolbox must be diverse & complete. From being technically savvy to displaying a vigorous passion for learning beyond their traditional areas of expertise, the resource must prove to be an asset to the company.

Required SkillsQualifications/Education:

  • 5+ years of penetration test experience.
  • Degree in Computer Science, Information Technology, or related discipline from an accredited college or University required.
  • Experience with penetration testing tools such as Metasploit, Nmap, and Burp Suite.
  • Experience conducting penetration tests of mainframes, cloud systems, mobile, Software-as-a-Service (SaaS) and APIs.
  • Knowledge of web application architecture and secure coding principles, and experience conducting code reviews to
  • identify vulnerabilities.
  • Familiarity with advanced penetration testing techniques, such as binary exploitation, heap spraying, and kernel-level exploitation.
  • Experience with threat modeling and risk assessment methodologies, and the ability to apply them to prioritize and plan penetration testing activities.
  • Knowledge of network security protocols, including TCP/IP, DNS, SSL/TLS, and VPN, and experience conducting network-based penetration tests.
  • Familiarity with regulatory compliance frameworks, such as PCI-DSS, HIPAA, and NIST, and experience conducting penetration tests to assess compliance with these standards.
  • Demonstrated experience writing and reviewing technical and non-technical.
  • Ability to quickly grasp complex technical concepts and make them easily understandable in text and pictures.
  • Excellent written skills in English.
  • Strong working knowledge of Microsoft Office.

Responsibilities of the Desired Senior Penetration Tester:

  • Plan and execute penetration tests of various systems, including web applications, mobile applications, cloud systems, mainframes, Software-as-a-Service (SaaS) platforms, and APIs.
  • Analyze test results to identify vulnerabilities and provide detailed technical reports to stakeholders, including recommendations for remediation.
  • Develop custom exploit code and payloads to validate vulnerabilities and demonstrate their impact to stakeholders.
  • Collaborate with cross-functional teams, including developers, system administrators, and security analysts, to coordinate penetration testing activities and facilitate remediation of identified vulnerabilities.
  • Provide technical guidance and mentorship to junior penetration testers to improve their technical skills and ensure consistent delivery of high-quality testing services.
  • Develop and maintain a repository of custom tools and scripts to support penetration testing activities.
  • Conduct threat modeling and risk assessments to identify potential attack vectors and prioritize penetration testing activities.
  • Stay up to date with emerging cybersecurity threats and vulnerabilities and adapt penetration testing methodologies to address new threats.
  • Collaborate with stakeholders to develop and implement secure coding practices and provide input on the security architecture of new systems.
  • Participate in incident response activities, including forensic analysis and root cause analysis of security incidents.
  • Develop and maintain relationships with external security vendors and researchers to stay up to date with the latest penetration testing techniques and tools.
  • Present technical findings to both technical and non-technical audiences and provide recommendations for remediation in a clear and concise manner.

Core Values:

  • Integrity (Doing What’s Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Share:

Facebook
Twitter
LinkedIn

Apply for this Job

    You can opt out if you are not interested in updates about this job and related jobs.

    On Key

    More Posts

    Senior Security Consultant Required by WME

    Senior Security Consultant

      Position: Full-Time / Part-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a Senior Security Consultant role for one of our valued partners. This position provides consultation and direction around Microsoft security solutions to meet strategic and tactical

    Read More »
    DNS Migration Architect

    DNS Migration Expert

    Location:       Remote Work Nationality:   ANY Position:        FULL-TIME Start Date:     ASAP Windows Management Experts (WME) is looking for a motivated & experienced DNS Migration Architect. This role would focus on designing the strategy and overall architecture for migrating DNS services

    Read More »
    Regulatory & Compliance Engineer

    Regulatory and Compliance Engineer

    Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a motivated and experienced Regulatory and compliance Engineer to join one of our client companies. As a Regulatory and compliance Engineer, your focus will be on tools and regulations

    Read More »
    Security Engineer-Architect

    Security Engineer/Architect

      Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a motivated and experienced Security Engineer/Architect Role to join one of our client companies. As a Security Engineer, your focus will be on solutions and tools like Microsoft

    Read More »
    Cloud Engineer-AWS and Azure

    Cloud Engineer – AWS and Azure

    Position:         Full-Time Location:        Remote Start Date:      ASAP Nationality:     ANY Windows Management Experts (WME) is looking for a Cloud Migration Engineer (AWS to Azure) role for one of our valued clients. The Cloud Migration Engineer

    Read More »

      You can opt out if you are not interested in updates about this job and related jobs.