Senior Penetration Tester
We have an exciting opportunity for an experienced Web Application Penetration Tester to join a successful and rapidly growing specialist cyber security organisation.
The company offers penetration testing, security assurance, and related cyber security services to a range of NZ and international clients, from innovative SaaS start-ups to publicly listed and critical infrastructure providers. Due to a high level of demand for their services they are expanding their team.
What is offer?
Real growth opportunities in a small company focused on high quality penetration testing
A tight-knit team with a focus on collaborative working and knowledge sharing
Hands-on exposure to diverse targets and projects, with plenty of autonomy, and a real impact on the quality of the business solutions we deliver to our clients
Structured security research time that grows with seniority and experience
Strong focus on upskilling and certification, with support through study leave and course costs
Modern work culture, with flexibility for WFH plus face to face time with the team at our smart, well located, central Auckland offices
Responsibilities of the role include:
Website, web and native application, and API penetration testing across a broad range of targets and clients
Source code analysis supported penetration testing.
Testing public and private, wired and wireless, network and networked services
Mentoring junior members of the team
Working directly with customers and stakeholders to build long term relationships and to identify security vulnerabilities and provide remediation advice for resolution
Contributing to security assurance strategies, tools and practices to maintain efficient and effective outcomes for clients
Integration of security assurance activities within various projects
Requirements for the role:
Smart, self-motivated and skilled individuals who really want to take the next step in developing their career, and shaping their future in cyber security
3+ years of full-time penetration testing experience including strong source code analysis supported testing.
A good track record with bug bounties, for example with one or more verifiable achievements such as:
CVE credits for high severity vulnerabilities such as RCE, SSRF, Deserialization, SQLi, etc
Participation in reputable CTFs and bug bounty programmes
Have or be getting OSWE certification
Ability to self-manage and take responsibility for all aspects of penetration testing and reporting
Strong and clear communication skills – and the ability to communicate security and vulnerability concepts and findings with clarity to both internal and customer stakeholders
In-depth knowledge and experience with penetration testing frameworks, tools and methodologies, such as OWASP and NIST, Burp Suite and Kali Linux
Ideally you will have certifications in OSCP or equivalent (OSWE or equivalent preferred) and other certs from Offensive Security, GIAC, CREST, ECCouncil.
If you are an experienced, ambitious Penetration Tester who is looking for a rare opportunity in an exciting and innovative Kiwi cyber security organisation, then please get in touch now for a confidential conversation.
#J-18808-Ljbffr