Penetration Tester

Job Description: Qualifications Experience in performing penetration testing on enterprise web applications, microservice and mobile applications. Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws. Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON). Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities. Experience developing actionable intelligence based on open source intelligence (OSINT) gathering. Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc. Solid understanding of OWASP testing methodology. Familiarity with front-end web application frameworks (i.e. AngularJS, Bootstrap, etc). 3+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP).