Penetration tester

Role- Penetration tester

Location- Austin, TX or SCV, CA

Type/C2C

Experience should be six to eight years

Need candidates with OSCP certifications

Required skills

·        Experienced in Web application penetration testing

·        Experienced Mobile application penetration testing

·        Coding skills to test/simulate infiltration

·        Excellent knowledge of computer security and systems

·        Understanding of how vulnerabilities and security breaches can disrupt business

·        Good in troubleshooting and problem-solving skills

1.      5+ or more years conducting penetration testing using freeware and commercial tools like BurpSuite, security reviews, threat modeling, tracking findings.

2.      Hands on exp in the area of DAST, SAST, Code review, DevSecOps etc.

3.      Conversant in at least one programming language such as Python or Java

4.      Familiar with typical web application vulnerabilities, especially OWASP top 10, understand the risk and principle of the vulnerabilities.

5.      Hands on skills to identify common vulnerabilities in real application, not just demo or lab.

6.      Understand how HTTP works.

7.      Basic ability to research, study and know how to solve simple technical issues

Good to have skills

o   Ability to identify and exploit web vulnerabilities (XSS, CSRF, SQLi, SSRF, arbitrary file upload, etc.)

o   Ability to identify and exploit mobile vulnerabilities (API issues, insecure storage, memory corruption, deep links, etc.)

o   Create new testing methods to identify anomalies, vulnerabilities

o   Communication skills to collaborate with different teams, document execution report and share findings