Job Description
We are seeking a Cybersecurity Pentester / Senior Pentester to support our Cybersecurity Consulting practice. This position assists Consultants in planning and executing IT / OT security assessment engagements and red / purple teaming operations for our rapidly expanding client portfolio.
Responsibilities :
- Support Seniors and Consultants with remote / onsite assessments, such as red teaming and / or purple teaming operations, web / mobile application penetration tests, vulnerability assessments, launch phishing campaigns and configuration review engagements
- Ability to minimally conduct blackbox and greybox tests and eventually whitebox testing
- Basic project management and manage client relationships on expectations with effective communication
- Coordinate day-to-day operations with Seniors, Consultants and clients (i.e. schedule and lead meetings; create agendas; develop document request lists; document walkthrough narratives, control designs and tests of operating effectiveness)
- Conduct peer-reviews of the projects in-scope
- Assist Senior Consultants with the preparation and review of draft reports
- Assist with audit quality and assurance procedures
- Utilise base knowledge of information security systems, risks and controls
- Perform other administrative duties and assist with internal initiatives as assigned
Qualifications :
Bachelor's degree from an accredited university in IT, computing / forensics, accounting, data analytics or a related fieldOne to two (1-2) years of experience in information security, IT security testing or a related field preferredFocused experience with OWASP Top 10, OSSTMM, MITRE ATT&CK Framework preferredIdeally, working knowledge and technical experience with Windows OS, Linux, AWS, GCP, Azure, and SQL Server.Understanding of TCP / IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elementsFamiliarity with tools, such as Cobalt Strike, Kali Linux, Burpsuite, Slack, DiscordExcellent interpersonal, written and verbal communication skillsExemplary time-management skills with the ability to juggle multiple projects and prioritiesSelf-starter with a solution-oriented mindset and the ability to thrive in a fast-paced environment, at times with well-defined goals, but limited formal procedures / structureMust be a team player, passionate about the security testing, and have an innovative mindsetWorking toward or already have certifications, such as CREST CRT, OSEP, OSCE / 3, OSWE, OSED, OSWP, OSCP and others related to information security testing and red teaming operations.