Hi,
This Side
kirti Rani from Steneral Consulting. Please find the attached job description and share me your updated resume. You can reach me out at
+1 3026017375
Job Title:- PENTESTER
Work Location:- Remote
Duration: 5+ Month C2c
Work Authorization:- Citizen, GC
Interview : video
Job Responsibilities
What will I be doing?
We seek a candidate who has the technical expertise and good interpersonal skills to work closely with other teams such as infrastructure, cloud, external contractors, field-level IT resources, and risk management teams.
As a Cyber Security Penetration Tester, your responsibilities will include scheduling and performing penetration tests, assisting developers with remediating vulnerabilities discovered from security assessments, triaging findings that are disclosed through the Bug Bounty Program (BBP), and developing internal tooling for supporting the penetration testing program. You will primarily be performing application-type penetration tests, however, performing network-type and IoT-type penetration tests will be in scope as well.
Responsibilities
Schedule and perform penetration tests for a wide variety of assets
Manage penetration testing projects that are performed by third-party security vendors
Perform threat emulation using known attacker Tactics, Techniques, and Procedures (TTPs)
Triage security vulnerabilities that are disclosed through the BBP
Assist with the development of internal tooling to benefit the penetration testing program
What are we looking for?
To be a success in this role will demonstrate itself through the following attributes and skills:
Demonstrated hands-on experience with penetration testing tooling, such as Burp Suite Professional or Metasploit, including usage of relevant plugins (where applicable).
Experience with conducting reverse engineering on mobile applications, including using emulation solutions for conducting assessments.
Experience with using, administering, and troubleshooting different Linux versions and Windows environments.
Experience with scripting and editing existing code and programming, such as Python, Bash, C/C++, C#, JavaScript and/or Java.
A tenacious, inquisitive mindset for discovering security issues.
Ability to learn quickly and evolve with the rapidly changing threat landscape.
Deep understanding of common web application security issues, such as Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF).
Strong technical writing skills for drafting penetration testing reports.
Good interpersonal, verbal, and written communication skills to successfully interact with clients.
To fulfill this role successfully, you should demonstrate the following minimum qualifications:
At least five (5) years of experience in Technology or a related field
At least one (1) year of hands-on application penetration testing experience
It would be helpful in this position for you to demonstrate the following capabilities and distinctions:
Experience programming in one or more of the following languages: Python, C#, JavaScript, TypeScript
Familiarity with one or more of the following technologies: Node.js, React, Express, GraphQL, IIS, ASP.NET, Flask, Active Directory (AD)
Understanding of fundamental networking-related concepts, such as the OSI model, subnetting, etc.
Relevant cybersecurity certifications (e.g., OSCP, CEH)
Bachelor's Degree, or associate degree plus six (6+) years of Technology related experience, or High School Degree/GED plus twelve (12) years of Technology related experience
Prior security experience in a Fortune 500 or Hospitality environment
Kirti Rani
Associate Talent Acquisition -North America
Desk: +1 3026017375
kirti@steneral.com
In my absence please reach out to Mr. Harish Sharma at harish@steneral.com &
3027216151
