Penetration Tester

Cardinal Integrated Technologies, Inc.

$90K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3+ years of experience as a Penetration Tester
  • Bachelor's degree in Computer Information Systems or related field
  • Preferred Ethical Hacker Certification
  • Proficient in at least one programming or scripting language (e.g., Python, Ruby)
  • Hands-on experience with PTES and OWASP testing frameworks
  • Knowledge of various operating systems and cloud technologies
  • Strong critical thinking and problem-solving capabilities

Responsibilities

  • Conduct hands-on penetration tests for complex systems and applications
  • Create and maintain penetration testing tools and security plans
  • Automate testing processes through scripting and programming
  • Draft detailed project proposals for clients
  • Identify vulnerabilities in various application types
  • Analyze potential attack methods and weaknesses
  • Incorporate business impacts into security strategies
  • Document and report security findings to stakeholders
  • Generate metrics to evaluate security posture
  • Guide and mentor less experienced team members

Benefits

  • Opportunity for growth with varying job titles based on experience
  • Engagement with a diverse range of technical and non-technical stakeholders
  • Potential for shaping security strategies within the organization
  • Chance to work on cutting-edge security testing tools
  • Access to ongoing training and mentorship opportunities
Full Job Description
Penetration Tester

Depending on the LEVEL the candidate is at than we could specify the title:
  • Penetration Tester / : (Consultant or Senior Consultant - Internally)
  • Penetration, Risk & Vulnerability Specialist: (Lead Consultant - Internally)

Responsibilities
  • Perform formal hands-on penetration tests and vulnerability assessment of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
  • Design, create and maintain new penetration tools and security testing plans
  • Develop scripts and programs for automated penetration and other security testing on networks, systems, and applications
  • Draft project proposals that communicate to the client the details and scope of the project.
  • Probe for vulnerabilities in web applications, fat/thin client applications, and standard applications
  • Pinpoint methods that attackers could use to exploit weaknesses and logic flaws
  • Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
  • Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
  • Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
  • Research, document, discuss and write security findings with management and IT teams and produce actionable, threat-based, reports on security testing results
  • Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
  • Review and define requirements for information security solutions
  • Communicate security issues to a wide variety of internal and external "customers" to include technical teams, executives, risk groups, vendors and regulators
  • Foster and maintain relationships with key stakeholders and business partners
  • Provide feedback and verification as an organization fixes security issues
  • Act as a source of direction, training, and guidance for less experienced staff

Qualifications
  • Previous working experience as a Penetration Tester for 3 years
  • BA in Computer Information Systems, Management Information Systems or similar relevant field
  • Ethical Hacker Certification Preferred
  • In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell)
  • Hands-on experience with testing frameworks such as the PTES and OWASP
  • Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
  • Critical thinker and problem solver
  • Excellent organizational and time management skills
  • Excellent communication and report writing skills
  • Must be self-starter, eager to take the initiative
  • Have an understanding of, and experience in, evaluating nation-state, hacktivists, and cybercriminal capabilities and activity.

Similar Jobs

More Jobs at Cardinal Integrated Technologies, Inc.

  • Mid-level AWS Engineer
    $130K — $140K *
    New York, NY 10025 (New York County)
    Information Technology
    In-Person
  • Data Architect W Ecommerce
    $100K — $140K *
    Monmouth Junction, NJ 08852 (Middlesex County)
    Information Technology
    In-Person
  • .Net C# Developer
    $90K — $120K *
    Trumbull, CT 06611 (Greater Bridgeport County)
    Information Technology
    In-Person
  • Automation Engineer
    $90K — $120K *
    Monmouth Junction, NJ 08852 (Middlesex County)
    Technical Services
    In-Person
  • Sr. QA Engineer
    $100K — $130K *
    New York, NY 10025 (New York County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Penetration Tester jobs: