366 - Penetration Tester - Jr.

Primary Responsibilities

·Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.

·Perform web app pentests

·Perform vulnerability risk assessment

·Perform physical pentests and social engineering

·Perform cyber incident response as needed for programs

Basic Qualifications

Bachelors’ degree from an accredited college in a related discipline, or equivalent experience/combined education, with 3 to 6 years of professional experience; or 1 to 3 years of professional experience with a Masters’ degree.

3 years in Pen Testing and Vulnerability Assessment, with specific emphasis on web application and enterprise network environments.

5 years of professional experience in incident detection and response, malware analysis, or cyber forensics.

Experience with the majority of the tools listed below:

• Kali Linux

• Metaspoilt

• Burp suite pro

• Cobalt Strike / Empire

• Tenable Nessus

• Debuggers such as Immunity

• Bloodhound

• BladeRF / HakRF

• Hak5 equipment

• Wireshark / tcpdump

Specific experience in at least 1 of the following specialties:

• Mobile application testing

• Cloud infrastructure testing

• RF Testing

• Mainframe systems

Must have one of those certifications below:

CEH – Certified Ethical Hacker

CISSP – Certified Information Systems Security

GAWN – Auditing Wireless Networks

GISF – Security Fundamentals

GPEN – Penetration

GSNA – System and Network Auditor

GWAPT – Web Application Penetration Tester

GWEB – Web Application Defender

GXPN – Exploit Researcher and Advanced Penetration Tester

OSCE (Certified Expert)

OSCP (Certified Professional)

OSEE (Exploitation Expert)

OSWP (Wireless Professional)

CompTIA Cyber Security Analyst (CySA+)

CompTIA PenTest+

Splunk Core Certified Advanced Power User

Splunk Core Certified Consultant

Splunk SOAR Certified Automation Developer

eLearnSecurity Certified Professional Penetration Tester (eCPPT)