Penetration Tester

December 13, 2024

Apply Now

Receive Emails with Similar Jobs

Airitos, LLC

WebsiteLinkedInAll Job Openings

Airitos, LLC is a consulting firm specializing in identity and access management. The company focuses on optimizing the identity lifecycle for both internal and external users, offering services that include identity and access assessments, architecture and strategy, and implementation services. Airitos aims to enable businesses by providing comprehensive identity and access management solutions.

2 - 10 employees

🔐 Security

📋 Description

• Act as technical lead supporting cyber security goals and objectives. • Serve as security engineer for software development, securing confidentiality, integrity, and availability. • Conduct and lead comprehensive penetration tests on client networks, systems, and applications. • Identify security vulnerabilities, misconfigurations, and weaknesses in target environments. • Utilize automated scanning tools and manual testing techniques to exploit vulnerabilities. • Document findings, methodologies, and recommendations for clients. • Evaluate SDLCs and advise on application security technologies. • Implement application security technologies with SDLCs. • Support developer teams managing cybersecurity related processes. • Provide technical guidance to developers on cybersecurity. • Ensure reliable operation of application security technologies supporting program objectives. • Collaborate with quality assurance and software development teams to prioritize vulnerabilities. • Perform code analysis manually and using SAST, DAST solutions. • Provide remediation guidance to developers and administrators. • Maintain ethical standards while conducting penetration testing activities.

🎯 Requirements

• At least 6 years of experience in a relevant DevSecOps role and technical degree in computer / information science; • At least 6 years of related field work experience in Penetration Testing and / or Cloud Security, at least 2 years of which in a software development role, and at least 2 years of which in a cyber security role and technical degree in computer / information science; • At least 10 years of relevant field experience in Penetration Testing and / or Cloud Security, at least 2 years of which in a software development role, and at least 2 years of which in a cyber security role. • A strong understanding of cybersecurity fundamentals relating to software development. • Experience developing software utilizing at least two programming languages: C#, GoLang, .NET, NodeJS, Java, C++, PHP, Python, or others. • Proven experience in conducting penetration tests and security assessments across various environments. • Advanced proficiency with penetration testing tools such as Metasploit, Nmap, Burp Suite, and Wireshark. • Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are required (at least one). • Demonstrated experience working with technical and non-technical staff. • Strong collaboration and communication skills. • Basic knowledge of a broad range of IT Security, Controls and Service Delivery standards and frameworks, for example: ISO 27001, ITIL, CoBIT. • Experience with CSP infrastructure, such as that on AWS, GCP, or Microsoft Azure Cloud. • Experience with at least three of the following technology spaces: SAST, SCA, DAST, IAST, Fuzz Testing, ASPM, Threat Modeling, and similar. • Experience validating software development processes meet cybersecurity requirements. • Experience analyzing code for weaknesses and errors and overseeing plans to improve code. • Safety, consistency in schedule, and regular attendance are essential functions of this job. • Provide off-hours support as needed. (Potential shifts may run 24/7 due to business needs).