Web App Penetration Tester

Penetration Tester

Avertium is seeking a Web Application Penetration Tester.

Job duties include, but are not limited to, performing web application, API and mobile application penetration tests. The Web App Penetration Tester will lead and mentor junior members to enhance and develop their technical capabilities along with professional client service interactions. Other responsibilities will include pre-sales scoping and support, client development, and conflict resolution. The successful candidate will be self-disciplined and able to work on individual tasks, sometimes without clear requirements, and must work well in a team environment. 

REQUIRED KNOWLEDGE AND EXPERIENCE:

The Web App Penetration Tester should have a combination of experience or certifications. Experience should be identified by previous job duties, published work, or public presentations. The requirements for this position are: 

• Consulting: 2+ years of experience 
• Web Application Assessments – 2 years of recent experience and certifications like OSWE, GWAPT or comparable
• Experienced in API Testing
• Experienced in testing both iOS and Android devices
• Well-known vulnerability assessment and penetration testing methodologies 
• Knowledge of web application design & implementation concepts to include supporting systems 
• Strong understanding of various cloud providers and application configuration and deployment.  
• Information Security Fundamentals – 4 years of experience, BS degree (or higher) in a technical discipline, or certifications like GSEC, GCIH, CISSP, or Security+ 
• Expert knowledge of common vulnerabilities, exploits, and attacks used during a penetration test 
• Familiar with at multiple programing or scripting language such as C, Java, Ruby, Perl, or Python and PowerShell

 IDEAL PERSONAL CHARACTERISTICS:

· Verbal and written communication skills 

· Documentation skills 

· Interpersonal and conflict resolution skills 

· Customer service-oriented capabilities 

· Creative problem solving and analytical thinking 

· Willing to accept new challenges and learn in new areas 

· Flexible and responsive to changing situations; adaptable to changing requirements 

This position requires research, preparation, and participation in presentations and customer briefings, as well as occasional travel (~25%) to customer locations. 

DESIRED (But Not Required):

· Social Engineering tactics, techniques, and procedures 

· Social Engineering tactics, techniques, and procedures 

· General knowledge of network penetration testing 

· Payment Card Industry knowledge and penetration testing concepts 

· Threat modeling, adversary emulation, or long duration Red Team exercises 

In addition to a career in the challenging world of computer and network security, Avertium offers competitive salaries, full benefits, participation in 401(k), and opportunities for professional growth and development. We offer the opportunity to work with cutting-edge security technologies in a stimulating work environment.

Avertium provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.