Senior Penetration Tester at Silensec

Job Description/Requirements

This is senior security position to work support the CYBER RANGES Ambassador Programme towards educational institutions around the world. As a senior penetration tester you will have the opportunity to lead and conduct numerous client engagements and work as a team leader of a number of consultants, depending on the engagement. You will also have the opportunity to carry out research in various fields of security and work with Silensec’s next generation cyber range platform, CYBER RANGES, to develop advanced security scenarios for both the internal team and clients.

Responsibilities

• Conducting penetration test scoping/kick off meetings with technology business stakeholders, document scope and schedule testing window
• Leading web application, mobile, API and network penetration testing within the designated scope and rules of engagement
• Providing technical guidance for remediation of findings, collaborating with other consultants
• Mentoring and training junior members across different areas of penetration testing and security research
• Interfacing with other consultants from the organizations to provide value-added security services to clients
• Developing bespoke penetration testing and security testing automation tools to deliver successful client engagements
• Performing Red Team activities in coordination with the client’s cyber defense and incident response teams to validate Blue team monitoring & detection processes

Technical skills

• Experience testing applications using Static & Dynamic Application Security Testing (SAST/DAST) techniques, manual processes and automated tools.
• Knowledge of network protocols and general networking topics (i.e. TCP/IP, UDP,ICMP, DNS, routing, etc.).
• Solid experience with at least one software programming language.
• Ability to identify and recommend security controls and risk mitigations solutions to address identified security gaps.

Professional activities – (desired)

• Publishing security white papers and notable blog posts
• Delivering talks at Security conferences
• Leading client workshops/ seminars

Soft skills

• Ability to communicate to C-level clients
• Ability to lead and manage a team of consultants
• Ability to manage client expectations and ensure customer success
• Ability to contribute and participate in community and corporate events

Work Experience

5+ years of industry experience conducting offensive cybersecurity assessments including application penetration testing and infrastructure security assessments

Certifications (Bonus)

• Offensive Security Certified Professional (OSCP)
• Offensive Security Certified Expert (OSCE)
• CREST
• SANS GIAC Penetration Tester, Web Application Penetration Tester, Exploit Researcher and Advanced Penetration Tester.