Senior Penetration Tester We have an exciting opportunity for an experienced Web Application Penetration Tester to join a successful and rapidly growing specialist cyber security organisation. The company offers penetration testing, security assurance, and related cyber security services to a range of NZ and international clients, from innovative SaaS start-ups to publicly listed and critical infrastructure providers. Due to a high level of demand for their services they are expanding their team. What is offer? Real growth opportunities in a small company focused on high quality penetration testing A tight-knit team with a focus on collaborative working and knowledge sharing Hands-on exposure to diverse targets and projects, with plenty of autonomy, and a real impact on the quality of the business solutions we deliver to our clients Structured security research time that grows with seniority and experience Strong focus on upskilling and certification, with support through study leave and course costs Modern work culture, with flexibility for WFH plus face to face time with the team at our smart, well located, central Auckland offices Responsibilities of the role include: Website, web and native application, and API penetration testing across a broad range of targets and clients Source code analysis supported penetration testing. Testing public and private, wired and wireless, network and networked services Mentoring junior members of the team Working directly with customers and stakeholders to build long term relationships and to identify security vulnerabilities and provide remediation advice for resolution Contributing to security assurance strategies, tools and practices to maintain efficient and effective outcomes for clients Integration of security assurance activities within various projects Requirements for the role: Smart, self-motivated and skilled individuals who really want to take the next step in developing their career, and shaping their future in cyber security 3+ years of full-time penetration testing experience including strong source code analysis supported testing. A good track record with bug bounties, for example with one or more verifiable achievements such as: CVE credits for high severity vulnerabilities such as RCE, SSRF, Deserialization, SQLi, etc Participation in reputable CTFs and bug bounty programmes Have or be getting OSWE certification Ability to self-manage and take responsibility for all aspects of penetration testing and reporting Strong and clear communication skills – and the ability to communicate security and vulnerability concepts and findings with clarity to both internal and customer stakeholders In-depth knowledge and experience with penetration testing frameworks, tools and methodologies, such as OWASP and NIST, Burp Suite and Kali Linux Ideally you will have certifications in OSCP or equivalent (OSWE or equivalent preferred) and other certs from Offensive Security, GIAC, CREST, ECCouncil. If you are an experienced, ambitious Penetration Tester who is looking for a rare opportunity in an exciting and innovative Kiwi cyber security organisation, then please get in touch now for a confidential conversation.
#J-18808-Ljbffr