Senior Penetration Tester

ABOUT THE ROLE

We are excited to share a highly rewarding and hands-on opportunity for a skilled and experienced Senior Penetration Tester to join our Technical Consulting Team. As part of our team, you will be responsible for conducting penetration tests, vulnerability assessments, and reporting findings to help detect legacy, and bleeding-edge security vulnerabilities in enterprise environments.

You should have a firm grasp of networking, system administration, and web application security. The ability to think outside the box and go beyond conventional attack paths and exploits is highly valued by our team.
As part of this team, the successful application will have oversight and responsibility over assigned Penetration Testing engagements, Web Application Penetration Tests, SilverSky’s Penetration Testing as a Service (PTaaS) offering, as well as SilverSky’s Continuous Validation and Red Teaming services.
This will be a remote position for the ideal candidate.

Essential Duties and Responsibilities: (Additional duties may be assigned as required)

• Scope and perform a variety of penetration tests, including but not limited to Infrastructure (internal and external), Web Applications, APIs, Mobile, Wireless and Cloud.
• Keep cybersecurity training and knowledge current by monitoring the latest security threats and vulnerabilities.
• Write clear and concise penetration testing reports detailing findings and recommendations for remediation of identified vulnerabilities.
• Coordinate and lead client kick-off and discovery sessions to answer questions from prospects and clients.
• Work collaboratively and independently with teammates to provide professional services to our clients.
• Use offensive security expertise to research relevant tactics, techniques, and procedures for assessing and validating weaknesses in various infrastructure and technologies including cloud technologies.
• Develop scripts to automate repetitive actions of penetration tests.
• Identify and provide improvements on existing services, including continuous improvement of existing methodologies, tools and reports
• Serve as a mentor to other Penetration testers and support them in their work.
• Assist in pre-sales efforts as a penetration testing subject-matter expert.

Essential Skills / Experience

• Minimum 3+ years’ experience as a penetration tester. Web application testing and API testing experience is desirable.
• Relevant security qualifications (such as OSCP, CREST CRT, PNPT)
• Web application qualifications is desirable (such as eWPT, OSWA/OSWE, CMWAPT, CREST CWAT, eWPTx)
• Strong knowledge of various operating systems and networks, especially experience with Linux, Windows, and Active Directory.
• Strong experience with web application pen testing methodologies, such as OWASP’s WSTG
• Strong experience with web application pen testing toolsets, such as Burp Suite
• Strong experience in identifying and exploiting web application vulnerabilities
• Experience with penetration testing tools and frameworks such as Metasploit, Nmap, and Nessus.
• Strong communication and report-writing skills in English.

To perform this job successfully, the ideal candidate must be able to perform each essential duty satisfactorily.