Web Penetration Tester

**About the role**:

- Create new testing methods to identify vulnerabilities
- Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection
- Pinpoint methods and entry points that attackers may use to exploit vulnerabilities or weaknesses
- Research, evaluate, document, and discuss findings with IT teams and management
- Review and provide feedback for information security fixes
- Establish improvements for existing security services, including hardware, software, policies, and procedures
- Identify areas where improvement is needed in security education and awareness for users
- Be sensitive to corporate considerations when performing testing (i.e.
minimize downtime and loss of employee productivity)
- Stay updated on the latest malware and security threats

**Position requirements**:
Skills and Competencies:

- Deep understanding of the OWASP guidelines
- Hands-on experience with penetration testing tools
- Able to create and follow up tickets related to security issues
- Able to document and propose solutions and guidelines to developers and infrastructure engineers on best practices
- Robust creativity and problem-solving skills
- Ability to think analytically
- Knowledge of technical systems and terminology
- Proficiency in scripting languages
- Ability to identify and exploit vulnerabilities
- Advanced written and verbal communication skills

Position requirements:

- Minimum of 3-5 years of Security Vulnerable, Exploitation, and Penetration testing experience.
- Experience with OWASP testing Guide / Open Source Security Testing Methodology Manual
- Experience deploying enterprise security testing solutions.
- Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration.
- Advanced understanding of security concepts and security best practices
- Understanding and familiarity with common code review methods and standards
- Experience with performing penetration testing and risk assessments against computer networks
- Background with Qualys, Tenable, and OpenVAS Vulnerability Scanners

Schedule:

- 8 hour shift