Penetration Tester - Practitioner

About The Position

Requirements

• Be an apprentice tester for your first 2 projects and then be willing and able to drive a project on your own to successful completion.
• Participate in and drive penetration efforts on behalf of clients, collaborating, digging deep, and creating a report for the investors to outline technical vulnerability and risk.
• Deliver at least one network, API, or web application penetration test every week.
• Work with private equity companies and other investment firms to help them understand the existing technology risks and vulnerabilities that exist in their environment or portfolio.
• Collaboratively work in partnership with internal and client technical leads and team members to ensure that planning and execution of penetration testing efforts occur in a timely fashion and reports are of high quality.

Responsibilities

• Perform network-based penetration testing for clients to identify, assess, and report on vulnerabilities in their public facing infrastructure.
• Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications.
• Perform red team exercises to determine weaknesses in client infrastructure and how they should be remediated.
• Write clear, concise, effective deliverable reports for clients to help them understand their risk posture and how they can reduce it.
• Advise clients on security best practices including application design, infrastructure architecture design, and other considerations.
• Collaborate with other Crosslake practitioners to socialize penetration testing best practices.