We are seeking a Cybersecurity Pentester/ Senior Pentester to support our Cybersecurity Consulting practice. This position assists Consultants in planning and executing IT / OT security assessment engagements and red / purple teaming operations for our rapidly expanding client portfolio.
- Support Seniors and Consultants with remote / onsite assessments, such as red teaming and/or purple teaming operations, web /mobile application penetration tests, vulnerability assessments, launch phishing campaigns and configuration review engagements
- Ability to minimally conduct blackbox and greybox tests and eventually whitebox testing
- Basic project management and manage client relationships on expectations with effective communication
- Coordinate day-to-day operations with Seniors, Consultants and clients (i.e. schedule and lead meetings create agendas develop document request lists document walkthrough narratives, control designs and tests of operating effectiveness)
- Conduct peer-reviews of the projects in-scope
- Assist Senior Consultants with the preparation and review of draft reports
- Assist with audit quality and assurance procedures
- Utilise base knowledge of information security systems, risks and controls
- Perform other administrative duties and assist with internal initiatives as assigned
- Bachelor's degree from an accredited university in IT, computing/forensics, accounting, data analytics or a related field
- One to two (1-2) years of experience in information security, IT security testing or a related field preferred
- Focused experience with OWASP Top 10, OSSTMM, MITRE ATT&CK Framework preferred
- Ideally, working knowledge and technical experience with Windows OS, Linux, AWS, GCP, Azure, and SQL Server.
- Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements
- Familiarity with tools, such as Cobalt Strike, Kali Linux, Burpsuite, Slack, Discord
- Excellent interpersonal, written and verbal communication skills
- Exemplary time-management skills with the ability to juggle multiple projects and priorities
- Self-starter with a solution-oriented mindset and the ability to thrive in a fast-paced environment, at times with well-defined goals, but limited formal procedures/structure
- Must be a team player, passionate about the security testing, and have an innovative mindset
- Working toward or already have certifications, such as CREST CRT, OSEP, OSCE/3, OSWE, OSED, OSWP, OSCP and others related to information security testing and red teaming operations.