Penetration Tester

USA, Utah, Orem
Up to £0.00 per annum
04 Jan 2019
01 Feb 2019
John Hickles
IT, Security

An information security consultancy based in Utah, a trusted adviser to top organizations worldwide and a leader in the cybersecurity industry, is looking for passionate pentesters who are knowledgeable in application security and vulnerabilities to join its team at all levels, from junior to senior.

They have an excellent work culture and provide dedicated time for professional development and research as well as a variety of web app engagements.

Job responsibilities:

  • Penetration tests on Web and Conventional applications as well as embedded, firmware, mobile and more
  • Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications
  • Design and develop security testing scenarios
  • Create threat models that result in more secure application design
  • Analyze and present results of testing to team members, managers and customers
  • Write detailed problem reports, test plan documents, and mitigation recommendations as needed
  • Develop tools to aid penetration test automation and effectiveness
  • Review code for common security vulnerabilities


The ideal candidate would possess the following attributes:

  • Experience performing Network, Web Application and API penetration tests
  • Expert user of Web application proxies (MiTM proxy, ZAP, Burp)
  • Familiar with various APIs (REST, SOAP, JSON, etc.)
  • Comfortable manipulating and crafting HTTP requests
  • Experience utilizing a preferred suite of testing tools
  • Familiarity with the OWASP Testing Guide
  • Competent at identifying and exploiting vulnerabilities (SQL Injection, Buffer Overflows, Command Execution, Cross Site Scripting, Cross Site Request Forgery, Privilege escalation, etc.)
  • Comfortable documenting vulnerabilities, as well as the steps necessary to reproduce and remediate documented vulnerabilities.
  • Industry certifications (OSCP, OSWE, GPEN)

Nice to have:

  • S. in Computer Science or related degree
  • Completed OSCP, OSCE, or a similar security certification
  • Understanding of application design, development, and testing techniques
  • Involvement in a bug bounty program
  • Participated in a Capture the Flag event

Salary ranges from $80k - $120k depending on experience.

Location: Utah