Responsibilities
- Conducting penetration tests on Web Applications, API’s and Mobile Applications. Environments.
- Conduct Penetration Testing on wired and wireless networks, Cloud and on-prem environments, Social Engineering exercises, such as Phishing, Vishing, Smishing and physical access testing for our clients.
- Provide security guidance and consulting as well as a range of security assessments and awareness training to our clients
- Completing high quality and tailored reports for all security services provided
- Providing security testing, research and development to continually grow the Security team and our security offerings
- Providing mentoring to staff on security services and expertise.
Requirements
- Proven 1-2+ years security assessment and penetration testing services experience, with a focus on web applications & API’s. This does not necessarily require commercial experience, if you are involved with bug bounty, hack the box, tryhackme or have other suitable experience.
- Experience with other areas of Penetration Testing such as Wireless, Network, Social Engineering, and Cloud is also advantageous.
- Have a passion for continual learning and a willingness to obtain certifications.
- Broad range of fundamental IT/Networking skills
- Able to obtain and hold relevant police security clearance
- Confidence in presenting to stakeholders of all levels and tying findings back to business risk
- Industry certifications such as CREST (highly desirable), Burp Suite Certified Practitioner (Highly Desirable) CISSP, GPEN, TCM certifications such as PNPT, CPENT, EC-Council, OSCP (highly desirable) etc