Penetration Tester

Newark, United States | Posted on 01/10/2025 We are seeking a highly skilled and experienced Senior Penetration Tester to join our cybersecurity team. This individual will lead complex penetration testing activities, conduct advanced red team engagements, and thoroughly assess our clients' networks, applications, and systems for vulnerabilities. The ideal candidate is a seasoned security professional with a passion for uncovering weaknesses before adversaries can exploit them"”and a knack for communicating technical findings to both technical and non-technical audiences. Key Responsibilities Advanced Penetration Testing Execute sophisticated penetration tests against web applications, networks, cloud environments, and mobile platforms. Perform in-depth reconnaissance, exploit development, and post-exploitation activities to fully gauge security weaknesses. Collaborate with stakeholders to identify high-risk areas and design targeted testing strategies. Evaluate potential attack vectors, assess impact, and prioritize remediation steps based on industry best practices. Red Team Engagements Plan and lead complex red team operations, simulating real-world attack scenarios that encompass social engineering, physical intrusion, and cyber infiltration tactics. Coordinate with purple team exercises to help stakeholders detect, respond to, and recover from simulated attacks. Reporting & Documentation Prepare clear, detailed reports outlining findings, remediation guidance, and risk assessments. Communicate results effectively to executives, security teams, and developers, ensuring stakeholders fully understand threats and mitigation strategies. Technical Leadership & Mentorship Serve as a subject matter expert for junior testers, guiding them in methodologies, tooling, and emerging threat techniques. Stay current with new offensive security tools, vulnerability trends, and threat landscapes, sharing knowledge to enhance team capabilities. Security Program Enhancement Advise clients and internal teams on best practices for security architecture, secure coding standards, and incident response. Contribute to the continuous improvement of penetration testing methodologies, processes, and internal tools. Requirements Education & Certifications Bachelor's degree in Computer Science, Cybersecurity, or equivalent work experience. Relevant certifications such as OSCP, OSCE, GPEN, GXPN, or CEH strongly preferred. Experience Minimum of 5 years' hands-on penetration testing experience, with a proven track record of finding complex vulnerabilities. In-depth knowledge of common frameworks (OWASP Top 10, MITRE ATT&CK, NIST) and industry-standard tools (Burp Suite, Metasploit, etc.). Experience with programming/scripting in languages such as Python, Go, or PowerShell for exploit development and automation. Security Clearance Current or active government security clearance is strongly preferred . Applicants able to obtain or maintain a clearance may also be considered. Technical & Soft Skills Proficiency in network protocols, operating systems (Windows, Linux, macOS), and cloud environments (AWS, Azure, GCP). Familiarity with containerized environments (Docker, Kubernetes) and DevSecOps principles. Strong analytical and problem-solving abilities, with excellent attention to detail. Effective communication and presentation skills for delivering technical results to non-technical audiences. Desired Attributes Adaptability - Able to quickly pivot to new technologies, frameworks, and attack vectors. Collaboration - Comfortable working cross-functionally and guiding teams through advanced security scenarios. Curiosity - Passion for researching cutting-edge offensive security tactics and pushing boundaries to identify critical vulnerabilities. #J-18808-Ljbffr

Created: 2025-02-01