Digi117 Cyber Security focuses on evaluating the security posture of organizations, Web Applications, Mobile Applications, API’s and Web Services. We are looking for a Penetration Tester to join our team.
Conduct web and mobile application security vulnerabilities assessments (review designs, perform pentest, code review, and security checks) through the use of scanning tools / manual checks and notify the appropriate team to take necessary action. This may include defining the security controls and parameters that will be measured.
An understanding of current web application development languages is necessary to communicate compensating controls and potential remediation activities.
Review client IT application, network topology and infrastructure to determine cyber security risks.
Work jointly with Development Teams, Architects and Cyber Defense teams to periodically review application code and be able to define security posture of applications and back-end systems.
Assist with application security penetration testing activities, including tool execution, and reporting.
Independently design, recommend, plan, develop and support implementation of project-specific security solutions to meet tactical, and control requirements.
Identify potential security exposures that may currently exist or may pose a potential future threat to the organization's on-premise and/or cloud based applications.
5+ Years of experience, preferably in the areas of Web Application Development or Secure Application Development
Deep understanding of tools Kali Linux, Parrot SEC OS, Burp Suite, OWASP ZAP, or any other penetration testing frameworks or tools is a plus.
Scripting Experience Preferably Python or PowerShell
Strong understanding of OWASP Top 10 Vulnerabilities
Ability to handle major workstreams
Familiar with and able to apply time-proven, generally-accepted security methods, concepts and techniques
Ability to learn and retain new skills as required meeting a changing technical environment.
Ability to occasionally work non-standard shifts and/or on-call to support the requirements of the organization.
Good written and verbal communication skills, fluent English.
Bachelor’s degree in computer science, Business Administration or equivalent educational or professional experience and/or qualifications.
Possession of GWAP, OSCP, GPEN, CEH, CISSP or any other information security related certifications preferred.