Key Facts

Remote From:

Suriname

Full time

Senior (5-10 years)

Hard Skills

Other Skills

•
Verbal Communication Skills
•
Social Skills
•
Time Management
•
Teamwork
•
Communication
•
Problem Solving

Roles & Responsibilities

4-6 years hands-on manual experience in Web application penetration testing
Familiar with OWASP Top Ten, OSTMM, WASC
Knowledge of Azure and AWS cloud attacks
Experience with security tools like Burp Suite Pro, AppScan
Bachelor’s or Master’s degree in computer science or related field
Security certifications such as OSCP, GWAPT, CEH are preferred

Requirements:

Execute penetration tests to support Secure Development Lifecycle
Conduct threat modeling and risk analysis
Identify and recommend measures to manage vulnerabilities
Mature penetration testing strategy for early detection of vulnerabilities
Promote Secure SDLC and integrate security tools into CI/CD
Communicate with geographically dispersed teams

TekRecruiter

About TekRecruiter

TekRecruiter is a boutique and deeply specialized Technology Solutions firm with thorough technical aptitude and screening logic to connect innovative employers with the top 1% of in-demand technologist anywhere in the World. The Best Engineers: In-demand | On Bench | Technically Screened Where? World-wide (Onsite | Remote | Nearshore) We are more than recruiting, we make quality software engineering possible by enabling our clients to have easy, efficient and affordable access to top 1% of Technology talent in ways they've never imagined. Building the best Tech Teams: - Direct Hire (Onsite or Remote) - Staff Augmentation (Onsite, Remote, Nearshore) - Software and DevOps Nearshore Outsourcing (Nearshore or Offshore) - Engineers on Bench (Startup Fast) Key Skill Sets: - Software Engineers (JavaScript Stack, Python, Ruby, Go, Java, C#, Rust, Blockchain) - DevOps & Cloud - Artificial Intelligence - Salesforce - SDET - Data Engineering Why TekRecruiter? **Disruptive industry changing automation to deliver the best "Right-Fit" Technology talent faster than our competitors. On-demand | Local | Remote | Nearshore | Offshore **Deeply specialized technology focus Areas outpacing our competitors across Node.js, DevOps, Salesforce, Data, Java, Python and AI Workforce Solutions. **A certified Diversity and Inclusion supplier with industry leading DE&I processes. Vision: To revolutionize, maximize, and uplift the consulting, entrepreneurship, and permanent career growth endeavors of the top 1% of Technologists. Mission Statement: Connecting the best 1% of highly skilled Technology professionals anywhere in the world with innovative employers through strong partnership, relationship, world-class service, and industry leading technology. Core Values: We have HEART - Hard Work - Entrepreneurial Spirit - Accountability - Resilience - Transparency WE HEART TECH STARTUPS

Company type: Startup

Founded: 2018

Company size: 11 - 50

Website LinkedIn See all jobs →

Job description

This is a remote position.

TekRecruiter has been asked to recruit a Full Time Penetration Tester to join the team of an awesome technology company. The role currently starts remotely due to Covid but may return to the Tempe, AZ corporate office in the future.

The Penetration Tester is an integral part of the Global Cyber Security team and will be responsible for executing penetration tests to support the Secure Development Lifecycle. This role ensures that products that are developed are built securely and security vulnerabilities detected in the product are addressed prior to release. Additional responsibilities may be asked as deemed necessary.

Job Responsibilities:

Participate in penetration testing, scoping, security test planning, identifying tools required for penetration testing
Participate in threat modeling, risk analysis and creating mitigation plan
Identify and recommend appropriate measures to manage and remediate discovered or potential vulnerabilities, providing guidance to partner teams
Mature penetration testing strategy for early and effective detection of potential vulnerabilities.
Demonstrate the ability to assess the security of applications- Web applications, APIs, backend / infrastructure supporting the applications, Cloud, Microservices
Promote Secure SDLC and the culture of “shift-left” by integration security tools into CI/CD
Demonstrate knowledge of secure code scanning tools
Keep up-to-date knowledge of vulnerabilities in the field of security for secure application development
Handle communication between geographically dispersed groups

Web / API / Cloud Penetration Testing Qualifications:

Must Haves

4-6 years of independent end to end hands-on manual experience in Web application penetration testing, Webservice / API (REST & SOAP) Penetration Testing
Familiar with security guidelines such as OWASP Top Ten, OSTMM (Open Source Security Testing Methodology Manual) & WASC (Web Application Security Consortium)
Knowledge of Azure and AWS cloud attacks
Experience in enumeration techniques, authentication and authorization, data access, encryption algorithms
Knowledge of security fundamentals, network/application protocols, topologies, reverse engineering, fuzzing & exploit development
Experience in executing security assessment activities which includes internal/external stakeholder communications, risk assessment, documentation and reporting and presentation of findings
Effective project management skills, oral and written communication skills, interpersonal skills
Hands on experience with security tools such as Burp Suite Pro, web application scanners (IBM AppScan, Acunetix, Rapid7 etc..) and static code analysis tools such as Checkmarx, BlackDuck, Veracode, Fortify etc...

Nice to Haves

Expertise in evaluating the security of cloud-based applications, services, and infrastructures including serverless architectures
Experience with testing storage and database systems, virtual machines
Hands-on experience with penetration testing of microservices, SaaS,PaaS
Participated in Bug Bounty programs and CTF
Experience in presenting at security conferences / events
Familiarity with at least one scripting language (Python, Powershell) and programming language such as JAVA and .NET
Knowledge of Secure SDLC and DevSecOps implementation

Educational Qualifications:

Bachelor’s or Master’s degree in computer science or related field
Security certification/s such as OSCP, GWAPT, CEH, CCSK, CCSP, GCPN are strongly considered

TekRecruiter is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. TekRecruiter will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

Salary: 100K to 106K

Ready to apply?

APPLY

Share ·