Penetration Tester

Role Overview

CYBERR is partnering with high-profile clients to find skilled Penetration Testers. As a Penetration Tester, you will identify and exploit vulnerabilities in web applications, networks, and systems, providing actionable insights to strengthen clients' security posture. This role offers the opportunity to work across diverse industries like finance, healthcare, technology, and government, utilizing both manual and automated testing techniques in complex environments.

Key Responsibilities

• Conduct penetration tests on web applications, networks, and systems to identify security vulnerabilities and weaknesses.
• Perform vulnerability assessments and provide detailed reports on findings, including risk ratings and remediation recommendations.
• Collaborate with internal security teams and clients to develop mitigation strategies for identified issues.
• Utilize a wide range of tools (e.g., Burp Suite, Metasploit, Nessus, etc.) and manual testing techniques to identify and exploit vulnerabilities.
• Stay current with emerging threats, attack techniques, and cybersecurity trends to continuously improve testing methodologies.
• Document and communicate findings to both technical and non-technical stakeholders in clear, concise reports.
• Provide advice and guidance on improving security controls and practices based on penetration testing results.
• Participate in client meetings and engage in post-test discussions to ensure understanding and effective remediation of vulnerabilities.

Key Skills and Experience

• Experience in Penetration Testing: 2+ years of hands-on experience in performing web application, network, and system penetration tests.
• Knowledge of Cybersecurity Tools: Proficiency with tools like Burp Suite, Kali Linux, Metasploit, Nmap, Wireshark, and others.
• Familiarity with Vulnerability Assessment: Experience using tools such as Nessus, OpenVAS, or similar for vulnerability scanning and analysis.
• Understanding of Exploitation: Knowledge of common attack vectors, such as SQL injection, XSS, CSRF, privilege escalation, and buffer overflows.
• Strong Understanding of Web Technologies: HTML, JavaScript, AJAX, HTTP protocols, and web application architectures.
• Technical Expertise: Familiarity with scripting languages such as Python, Bash, or PowerShell, and understanding networking protocols (TCP/IP, DNS, HTTP/S, etc.).
• Certifications (Preferred): OSCP, CEH, CISSP, or other relevant certifications in cybersecurity.
• Excellent Communication Skills: Ability to present findings and explain technical issues clearly to both technical and non-technical audiences.
• Problem-Solving Mindset: Strong analytical skills and the ability to think like an attacker to uncover hidden vulnerabilities.

Desirable Attributes

• Passion for ethical hacking and staying current with the latest trends and tools in the cybersecurity space.
• Ability to work independently and manage multiple testing engagements simultaneously.
• Strong attention to detail and commitment to delivering high-quality work.
• Ability to collaborate effectively in a team-oriented environment.

What We Offer

• Competitive Salary based on experience.
• Flexible Work Environment: Remote work options.
• Career Growth Opportunities: Gain experience working with top-tier clients across various industries.
• Access to Latest Tools and Technologies: Be at the forefront of the cybersecurity industry.
• Continuous Learning and Development: Opportunities for certifications, workshops, and training.
• Inclusive and Collaborative Culture: Join a growing cybersecurity community of like-minded professionals.

Key skills/competency

• Penetration Testing
• Vulnerability Assessment
• Web Application Security
• Network Security
• Ethical Hacking
• Cybersecurity Tools
• Exploitation Techniques
• Reporting & Communication
• Risk Mitigation
• Scripting (Python, Bash)