What are the responsibilities and job description for the Lead Penetration Tester position at Request Technology, LLC?
Job Details
Lead Penetration Tester
Salary: Open
Location: Chicago, IL or Dallas, TX
Hybrid: 3 days onsite, 2 days remote
Qualifications
- Areas of expertise to include Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open-Source Intelligence, etc.
- 3 Years experience of Penetration testing
- 6 Years experience in Information Assurance or Information Security environment.
- Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing
- Demonstrated exploit and vulnerability experience
- Strong proficiency in intelligence gathering.
- Strong experience with custom scripting (Python, PowerShell, Bash, etc.) and process automation.
- Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).
- Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.)
- Bachelor s degree (preferred)
- Certifications (preferred)
Responsibilities
- Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc.
- Conduct ad-hoc white-box penetration testing work of company infrastructure that is still currently in Development, or in need of pre-Production penetration testing
- Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings
- Execute Open-Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools.
- Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities.
- Verify vulnerability false positives
- Perform security risk assessment, threat analysis and threat modeling.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
