- Act as the SME and technical lead for all penetration testing engagements.
- Perform hands-on penetration testing and vulnerability assessments on web, mobile and API applications, as well as infrastructure assets.
- Assist in the coordination activities with third-party penetration testing engagements.
- Develop and maintain security testing plans and methodologies.
- Carefully document and report the outcome of all penetration tests.
- Produce actionable, threat-based, reports on security testing results.
- Provide SME support and remediation guidance to the vulnerability team and remediation stakeholders.
- Evaluate the current program and contribute to process discussions.
Basic:
- 3-5 years of experience in application and/or infrastructure penetration testing.
- Strong grasp of the OWASP Top 10 and emerging attack vectors.
- Strong grasp of CVSS Scoring versions 2, 3 or 3.1.
- Previous CVE research experience.
- Working knowledge of Windows, Unix/Linux, Mac OS X, Android, iOS, etc.
- Strong verbal and written communication skills.
- Strong collaboration skills.
Preferred:
- Bachelor’s degree or higher in information security, equivalent demonstrated work experience and industry standard certifications.
- Prior experience working on a Penetration Testing Team.
- Information security certifications (e.g. OSCP, OSWA, GPEN, GWAPT, eCPPT, eWPT, CEH, CISSP).
- Software development experience in one or more programming languages (e.g., Java, C#, C++, Python, PowerShell, JavaScript).
- Cloud security experience in one or more of the following (AWS, GCP or Azure).
- Experience in the Casino Gaming industry.
#IndeedSHRSS