Sr Penetration Tester

Job Responsibilities 

• Conduct penetration test scoping/kick off meetings with technology business stakeholders, document scope and schedule testing window
  
• Lead web application, mobile, API and network penetration testing within the designated scope and rules of engagement
  
• Provide technical guidance for remediation of findings, collaborating with other CIS teams as necessary
  
• Provide mentoring and training to junior members of attack surface management team
  
• Perform required audit related tasks from internal audit, SOX and PCI activities.   
  
• Interface & support other CIS organizations such as Incident Response, Governance, Risk and Threat Intelligence as necessary
  
• Maintain and compose operational process documentation regarding program execution.
  
• Maintain and grow penetration testing tool suites and automation of tasks through the use of commercial and open source products
  
• Perform Red Team activities in coordination with cyber defense center and incident response teams to validate Blue team monitoring & detection processes
  

Requirements

• Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience.
  
• 7 years of IT professional experience, with 3 years Information Security experience, with previous penetration testing or application security background
  
• Strong understanding of a variety of technical concepts such as: Application development, networking, systems administration, and information security practices
  
• Strong web application development, security flaw and remediation technical understanding
  
• Demonstrated experience with a variety of open source and commercial testing tools in areas such as web interception proxies, packet capture, debugging and API interaction.
  
• Experience with data analytics with the ability to provide qualitative analysis and recommendations
  
• Strong verbal and written communication skills to clearly convey both technical
  
• Experience and knowledge of performing security tasks within AWS or Azure cloud environments
  
• Ability to develop strong working relationships with a variety of other enabling teams.
  
• Strong attention to detail, data accuracy, and data analysis.
  
• Self-motivated and operates with a high sense of urgency and a high level of integrity.