Penetration Tester

Infinite Group
Published
22 May 2021

Description

Description:

IGI Cybersecurity is seeking a Penetration Tester to join our Cybersecurity Services Team to perform network and application penetration tests and vulnerability assessments. The Penetration Tester will design and perform penetration tests, analyze findings, and report results.

Specific duties:

  • Conduct Tests on Networks and Applications
  • Perform Red/Blue / Purple teaming exercises
  • Perform security tests on networks, web-based applications, and computer systems. Help Design these tests and tools to perform non-bruising exploits against security-protected applications and networks to probe for vulnerabilities and try to pivot laterally, gathering up evidence in an undetected manner.
  • Ability to follow guidelines of company practices when performing ethical hacking, do this by trying to hack into networks to identify potential vulnerabilities in the system.
  • Research the latest methods for ethical hacking and testing and are always evaluating new penetration testing tools.
  • Write Security Assessment Reports, executive summaries and organize information in a manner that is logical and comprehendible to a non-technical reader as well as technical.
  • Document your findings, write security reports, and discuss solutions with IT teams and management. Provide feedback and verification after security fixes are issued.
  • Understand and articulate in the reporting the impact behind the findings and provide any action items or recommendations.
  • Occasionally perform Physical Security Assessments & Analyze Security Policies
. Requirements:

Should possess the following skills:

  • Patience is key in this practice. Have an ability to solve technologically challenging problems.
  • Advanced computer skills – extensive computer skills and an understanding of networking.
  • Computer and information security – keep up to date on security software packages and are always learning new security protocols and computer technologies that could be exploited
  • Scripting and programming
  • Report writing – be able to write reports on their assessments to communicate potential weaknesses to the IT team and management. Present the evidence and the contextual logic clearly to the reader.
  • Problem-solving skills – to protect networks and data from potential serious risks, penetration testers use problem-solving skills to determine the most effective way to correct issues that arise
  • Communication Skills – The ability to speak to a variety of audiences from C-level to technical staff. Understand the priority of notification when a critical vulnerability or risk is identified and the recommended approach to remediate it.
  • Data analytics – Comparison of penetration tests may be reviewed of all data and analyze the processes needed to correct security issues
  • Frameworks – Should have a understanding on OWASP and other security frameworks.

Qualifications:

  • Should have some exposure using the following software and programs:
  • Programming languages (such as SQL, C ++, JavaScript, Ruby, and Python, Unix)
  • Security assessment tools (such as Metasploit, Wireshark, Aircrack-ng, Burp Suite, SQLmap, Nessus, DirSync)
  • Security frameworks (such as NIST, SOX, HIPPA)
  • Operating systems (such as Linux, Unix, Windows)
  • Office suite
  • Cloud - AWS

Cultural Mindset:

Should operate as a team player and also autonomously.

Certifications:

A combination of certifications consisting of CCSK, CISSP, and another such as CEH or comparable.

Source: Remote Tech Jobs

Source: Remote Tech Jobs