Penetration Tester
- Employer
- Source Technology
- Location
- USA, Utah, Orem
- Salary
- Up to £0.00 per annum
- Closing date
- 1 Feb 2019
View more
- Sector
- IT, Security
- Job Role
- Penetration Tester, Security Engineer
- Job Type
- Permanent
Penetration Tester
An Information Security Consultancy based in Utah, who are a trusted adviser to top organizations worldwide and a leader in the cybersecurity industry, are looking for passionate pentesters who are knowledgeable in application security and vulnerabilities, to join their team at all levels junior - senior.
They have an excellent work culture and provide dedicated time for professional development and research as well as a variety of web app engagements.
Job responsibilities:
- Penetration tests on Web and Conventional applications as well as embedded, firmware, mobile and more
- Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications
- Design and develop security testing scenarios
- Create threat models that result in more secure application design
- Analyze and present results of testing to team members, managers and customers
- Write detailed problem reports, test plan documents, and mitigation recommendations as needed
- Develop tools to aid penetration test automation and effectiveness
- Review code for common security vulnerabilities
Requirements:
The ideal candidate would possess the following attributes:
- Experience performing Network, Web Application and API penetration tests
- Expert user of Web application proxies (MiTM proxy, ZAP, Burp)
- Familiar with various API's (REST, SOAP, JSON, etc)
- Comfortable manipulating and crafting HTTP requests
- Experience utilizing preferred suite of testing tools.
- Familiarity with the OWASP Testing Guide
- Competent at identifying and exploiting vulnerabilities (SQL Injection, Buffer Overflows, Command Execution, Cross Site Scripting, Cross Site Request Forgery, Privilege escalation, etc.)
- Comfortable documenting vulnerabilities, as well as the steps necessary to reproduce and remediate documented vulnerabilities.
- Industry Certifications - (OSCP, OSWE, GPEN)
Nice to have:
- S. in Computer Science or related degree
- Completed OSCP, OSCE, or a similar security certification
- Understanding of application design, development, and testing techniques
- Involved in Bug Bounty program
- Participated in a Capture the Flag event
Salary ranges from $80k - $120k depending on experience.
Location: Utah
Get job alerts
Create a job alert and receive personalised job recommendations straight to your inbox.
Create alert