Penetration Tester Job Description Template
Our company is looking for a Penetration Tester to join our team.
Responsibilities:
- Fundamental understanding of “coding languages” – C++, C#, PHP, AJAX, HTML, etc;
- Demonstrate understanding of the penetration testing methodology laid out by the following standards PTES, OSSTMM, NIST, OWASP, et al;
- Ability to work socially and efficiently in a team environment and receive direction from the senior members;
- Ability to ask questions and gain further knowledge of problems that may arise during engagements;
- Understand the basics of penetration testing – network, web application, application/code review;
- Fundamental understanding of scripting languages to include the following – python, powershell, ruby, perl;
- Recommend security improvements;
- Scoping and execution of Red Teaming activities;
- Scoping and performing of mobile, application and infrastructure penetration testing against Starling solutions;
- Review, analysis and reporting of external threats relevant to Starling systems and solutions in the context of Starling’s desired security posture;
- Review and testing of incumbent and proposed internal end-user device security controls;
- Input and guidance to security related technical architecture and design decisions;
- Review and analysis of proposed technical solutions to identify appropriate security controls;
- Implement security by design;
- Vulnerability reporting.
Requirements:
- IoT Security testing;
- White + Black Box testing;
- Experience working in both Windows and Linux server operating systems;
- Embedded devices testing;
- Prior security consulting experience;
- Experience with hardware hacking tools;
- 20-40% International Travel;
- 3+ years of penetration testing.