Penetration Tester (225-1013)

A Penetration Tester, also known as an ethical hacker, plays a crucial role in ensuring the security and integrity of an organization's digital systems. This role involves simulating cyber attacks to identify and fix security vulnerabilities in software applications, networks, and computer systems before they can be exploited by malicious hackers. Working closely with the IT and security teams, penetration testers apply their expertise in network security, cryptography, and threat analysis to strengthen the organization’s cybersecurity posture. The ideal candidate will possess a deep understanding of security protocols and systems, with the ability to think like a hacker to stay one step ahead of potential threats. This role is vital in safeguarding sensitive data against unauthorized access and ensuring compliance with various security standards and regulations.

Responsibilities

• Conduct comprehensive penetration tests on corporate networks and software applications regularly.
• Identify potential vulnerabilities in web applications, APIs, databases, and network infrastructures.
• Develop and implement effective security testing strategies and methodologies.
• Prepare detailed technical reports with findings, vulnerabilities, and recommended mitigations.
• Collaborate with IT teams to remediate identified vulnerabilities in a timely manner.
• Utilize automated tools alongside manual testing techniques for extensive security assessment.
• Stay updated with the latest penetration testing tools and cyber threat intelligence trends.
• Conduct social engineering exercises to evaluate and enhance human security awareness.
• Analyze security policies and configurations for compliance with industry standards.
• Provide training and mentorship to junior penetration testers and security staff.
• Communicate effectively with stakeholders regarding risk assessments and security improvements.
• Continuously enhance personal penetration testing methodologies and skillset.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field preferred.
• Minimum of three years of experience in penetration testing or related cybersecurity roles.
• Strong knowledge of web application security, network protocols, and encryption techniques.
• Proficiency with various penetration testing tools such as Metasploit and Burp Suite.
• Relevant certifications like CEH, OSCP, or CISSP are highly regarded.
• Exceptional analytical and problem-solving capabilities in complex environments.
• Excellent written and verbal communication skills for effective stakeholder engagement.