18 May
Sr. Penetration Testing Engineer
North Carolina, Charlotte , 28262 Charlotte USA

We are unable to sponsor for this permanent full-time rolePrestigious Fortune 500 Company is currently seeking a Senior Pen-Testing Engineer. Candidate will perform penetration testing for the infrastructure and in-house developed applications to discover security vulnerabilities and weaknesses and provide remediation recommendations. The team is looking for an experienced tester with a willingness to share knowledge and work with the team to enhance the security posture applications and systems.

Responsibilities:
  • Perform white and black box testing of in-house applications and systems with a variety of commercial and opensource tools
  • Devise creative and custom exploits, solutions, and techniques to discover vulnerabilities and exploitability of the targets
  • Knowledge-share with team on techniques and results to continuously improve the service offering
  • Create detailed report of findings and recommendations after testing is complete and present to stakeholders
  • Stay up-to-date in current tools, techniques, and vulnerabilities to incorporate into testing practices
  • Mentor junior members of the team in techniques and best practices in ethical hacking and vulnerability analysis

Qualifications:
  • 5+ years experience with penetration testing
  • Demonstrable knowledge and experience of:
    • Cmmon attack techniques for web, mobile and services.
    • Cmmon application testing tools including, but not limited to Burp, SQL Map etc
    • OWASP Tp 10 iPhone and Android application pen testing – specifically relating to reverse engineering and instrumentation toolsets
    • Pen testing in Agile and/r Extreme development environments
  • Ability to write scripts/tools to assist in testing
  • Experience testing/analyzing applications and networks
  • Understanding of encryption technologies
  • Understanding of common network protocols
  • Working knowledge with various operating systems
  • Ability to relay detailed technical concepts to a broad range of audiences, via written reports and presentations
  • Passion for continuous learning, growth, and tinkering
  • CISSP, GPEN, GWAPT, OSCP, and/or other industry certification is desired but not required


Related jobs

Report job