Tech Stack
AWS, Cloud, Cyber Security, Linux, MacOS, Open Source, Python
About the role
- Conduct complete penetration tests, report on results, and provide improvement recommendations
- Ensure customer satisfaction through the delivery of high-quality consulting services across a portfolio of commercial and federal government projects
- Ability to elicit and understand customer requirements and convert those requirements into a technical services solution
- Ability to accurately estimate time and cost for each project
- Foster an environment of continuous learning, innovation and excellence
- Work closely with development teams, product managers, and customer success teams to ensure successful delivery of consulting services or product implementation projects and remove roadblocks
- Develop, review and approve formal statements of work, change requests, and proposals
- Formulate timely reports and documentation to track progress
- Effectively collaborate with peers and company leadership to accomplish team, corporate and client objectives
- Answer developer, designer, and content contributor questions about IT Security requirements.
Requirements
- Minimum of 5 years of experience in penetration testing
- Desired certifications – Security+, CEH, GPEN, OSCP, AWS, or equivalent
- Understanding of OWASP Top 10 and “industry best practices” for penetration testing
- Understanding of all aspects of Penetration Testing with an emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review
- Understanding of Pen Test methods such as OSSTMM, OWASP, PTES, FedRAMP Penetration Test Guide, NIST, etc.
- Proficient with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
- Solid understanding of manual scripting and scripting languages, e.g. Python, Bash, PowerShell, C/C++, etc.
- Proficient with using commercial and open source penetration testing tools, e.g. Metasploit, Nikto, SQLMAP, Responder, Nessus, Netcat, Burp Suite, etc.
- Conduct and document vulnerability scans and penetration testing on web-based applications and their underlying hosts
- Proven ability to perform computer network vulnerability assessment and penetration testing
- Understanding of risk planning and mitigation strategies
- Ability to prepare and present documents and briefing materials
- Advise on new threats to the technologies and environment and provide mitigation steps when applicable
- Provide security guidance on design, deployment, and architecture of web-based and cloud hosted applications.
- Participate in technical discussions and collaborate with team members
- Exceptional communication skills - both oral and written
- Strong customer service skills
- Strong organizational and time-management skills with the ability to handle multiple tasks at once, while still paying attention to detail
- A strong work ethic and self-starter attitude, with the ability to thrive in a fast-paced environment