Penetration Tester

December 13

Apply Now

Receive Emails with Similar Jobs

Airitos, LLC

WebsiteLinkedInAll Job Openings

2 - 10 employees

🔐 Security

Description

• Act as technical lead supporting cyber security goals and objectives. • Serve as security engineer for software development, securing confidentiality, integrity, and availability. • Conduct and lead comprehensive penetration tests on client networks, systems, and applications. • Identify security vulnerabilities, misconfigurations, and weaknesses in target environments. • Utilize automated scanning tools and manual testing techniques to exploit vulnerabilities. • Document findings, methodologies, and recommendations for clients. • Evaluate SDLCs and advise on application security technologies. • Implement application security technologies with SDLCs. • Support developer teams managing cybersecurity related processes. • Provide technical guidance to developers on cybersecurity. • Ensure reliable operation of application security technologies supporting program objectives. • Collaborate with quality assurance and software development teams to prioritize vulnerabilities. • Perform code analysis manually and using SAST, DAST solutions. • Provide remediation guidance to developers and administrators. • Maintain ethical standards while conducting penetration testing activities.

Requirements

• At least 6 years of experience in a relevant DevSecOps role and technical degree in computer / information science; • At least 6 years of related field work experience in Penetration Testing and / or Cloud Security, at least 2 years of which in a software development role, and at least 2 years of which in a cyber security role and technical degree in computer / information science; • At least 10 years of relevant field experience in Penetration Testing and / or Cloud Security, at least 2 years of which in a software development role, and at least 2 years of which in a cyber security role. • A strong understanding of cybersecurity fundamentals relating to software development. • Experience developing software utilizing at least two programming languages: C#, GoLang, .NET, NodeJS, Java, C++, PHP, Python, or others. • Proven experience in conducting penetration tests and security assessments across various environments. • Advanced proficiency with penetration testing tools such as Metasploit, Nmap, Burp Suite, and Wireshark. • Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are required (at least one). • Demonstrated experience working with technical and non-technical staff. • Strong collaboration and communication skills. • Basic knowledge of a broad range of IT Security, Controls and Service Delivery standards and frameworks, for example: ISO 27001, ITIL, CoBIT. • Experience with CSP infrastructure, such as that on AWS, GCP, or Microsoft Azure Cloud. • Experience with at least three of the following technology spaces: SAST, SCA, DAST, IAST, Fuzz Testing, ASPM, Threat Modeling, and similar. • Experience validating software development processes meet cybersecurity requirements. • Experience analyzing code for weaknesses and errors and overseeing plans to improve code. • Safety, consistency in schedule, and regular attendance are essential functions of this job. • Provide off-hours support as needed. (Potential shifts may run 24/7 due to business needs).