Senior Penetration Tester

• Act as the SME and technical lead for all penetration testing engagements.
• Perform hands-on penetration testing and vulnerability assessments on web, mobile and API applications, as well as infrastructure assets.
• Assist in the coordination activities with third-party penetration testing engagements.
• Develop and maintain security testing plans and methodologies.
• Carefully document and report the outcome of all penetration tests.
• Produce actionable, threat-based, reports on security testing results.
• Provide SME support and remediation guidance to the vulnerability team and remediation stakeholders.
• Evaluate the current program and contribute to process discussions.

Basic:

• 3-5 years of experience in application and/or infrastructure penetration testing.
• Strong grasp of the OWASP Top 10 and emerging attack vectors.
• Strong grasp of CVSS Scoring versions 2, 3 or 3.1.
• Previous CVE research experience.
• Working knowledge of Windows, Unix/Linux, Mac OS X, Android, iOS, etc.
• Strong verbal and written communication skills.
• Strong collaboration skills.

Preferred:

• Bachelor’s degree or higher in information security, equivalent demonstrated work experience and industry standard certifications.
• Prior experience working on a Penetration Testing Team.
• Information security certifications (e.g. OSCP, OSWA, GPEN, GWAPT, eCPPT, eWPT, CEH, CISSP).
• Software development experience in one or more programming languages (e.g., Java, C#, C++, Python, PowerShell, JavaScript).
• Cloud security experience in one or more of the following (AWS, GCP or Azure).
• Experience in the Casino Gaming industry.