Description
You will conduct manual penetration testing across diverse application environments.
Responsibilities
- Perform manual penetration testing against APIs (REST/SOAP), web applications, mobile applications, and thick client applications.
- Conduct threat modeling, business logic evaluations, and application architecture reviews.
- Develop and exploit proof-of-concept (POC) code.
- Execute objective-based, abstract penetration testing engagements independently with minimal oversight.
- Communicate testing processes, techniques, and results to both technical and non-technical audiences while guiding remediation options.
Required Skills
- 3+ years of recent experience in application penetration testing.
- Hands-on experience testing APIs (REST/SOAP), web applications, and mobile applications.
- Proficiency with Burp Suite Pro.
- Experience with application testing tools such as Netsparker.
- Ability to demonstrate testing experience via real-time demos.
- Bachelor's degree from an accredited college/university or equivalent industry experience.
Preferred Skills
- Major ethical hacking certifications such as GWAPT, CREST, OSWE, or OSWA.