Skip to content

CareerBoard

Advertise your job!
 

Charlotte North Carolina - 100-125K Full Time Posted by: Request Technology - Craig Johnson Posted: Monday, 18 January 2021
 
 
Applicants must be eligible to work in the specified location

Prestigious Fortune 500 Company is currently seeking a Senior Pen-Testing Engineer. Candidate will perform penetration testing for the infrastructure and in-house developed applications to discover security vulnerabilities and weaknesses and provide remediation recommendations. The team is looking for an experienced tester with a willingness to share knowledge and work with the team to enhance the security posture applications and systems.

Responsibilities:

  • Perform white and Black Box testing of in-house applications and systems with a variety of commercial and opensource tools
  • Devise creative and custom exploits, solutions, and techniques to discover vulnerabilities and exploitability of the targets
  • Knowledge-share with team on techniques and results to continuously improve the service offering
  • Create detailed report of findings and recommendations after testing is complete and present to stakeholders
  • Stay up-to-date in current tools, techniques, and vulnerabilities to incorporate into testing practices
  • Mentor junior members of the team in techniques and best practices in ethical hacking and vulnerability analysis

Qualifications:

  • 5+ years experience with penetration testing
  • Demonstrable knowledge and experience of:
    • Cmmon attack techniques for web, mobile and services.
    • Cmmon application testing tools including, but not limited to Burp, SQL Map etc
    • OWASP Tp 10 iPhone and Android application pen testing specifically relating to reverse engineering and instrumentation toolsets
    • Pen testing in Agile and/r Extreme development environments
  • Ability to write scripts/tools to assist in testing
  • Experience testing/analysing applications and networks
  • Understanding of encryption technologies
  • Understanding of common network protocols
  • Working knowledge with various operating systems
  • Ability to relay detailed technical concepts to a broad range of audiences, via written reports and presentations
  • Passion for continuous learning, growth, and tinkering
  • CISSP, GPEN, GWAPT, OSCP, and/or other industry certification is desired but not required

Charlotte North Carolina, United States of America
IT
100-125K
Craig Johnson 
JSCJ-PENTEST
1/18/2021 2:16:02 PM

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.