zyberstate logo
In Zybrstate we create sustainable value for clients and stakeholders by providing high quality and holistic cyber security services. Such a holistic approach should take into account:

Vision & Strategy

People

Process

Technology

Governance

Culture

Feel Free To contact Us for more information
Learn how Zybrstate can help secure and stabilize your business.

contact@zybrstate.com

mobile-logo
Top

Penetration Tester

 

Job description

As a Penetration Tester you will perform security vulnerability assessments on client’s core IT assets. With your expertise you will assess, identify, research and exploit vulnerabilities on application environments and underlying infrastructure. You will perform penetration and vulnerability tests with a grey box approach to give the client a birds eye view of the technical security gaps that can be exploited by hackers. Your technical activities are extended with documenting your findings and creating recommendations for improved infrastructure and application security.

Having insight in latest infra and web application scanning methodologies and tools like Tenables Nessus and Websecurify make you the ideal candidate that can be involved in performing network-based and web application security assessments. You are capable in developing own testing scripts and procedures and are familiar with software reverse engineering, payload analysis and exploit development.

Requirements

  • Understanding and familiarity with common penetration testing methods and standards
  • Minimum of 2 years work experience performing security penetration tests
  • Be able to work independently
  • Be able to deliver high quality written reports suitable for viewing line and senior management
  • Strong team player with excellent English communicational skills
  • Experience in executing network infrastructure penetration test assignments
  • Experience in executing web application penetration test assignments
  • Experience in vulnerability research or reverse engineering
  • Experience with OllyDbg or WinDbg, IDA Pro, and BinDiff
  • Exploit development with C, Java or shellcode preferred
  • Excellent knowledge of Operating Systems like Windows, Linux, Solaris, OS X
  • Familiarity with web Server and Application Software: IIS, Apache, WebLogic, WebSphere, Tomcat
  • In depth knowledge of HTTP proxy tools such as Burp, Charles, Fiddler
  • Good understanding of Web technologies such as XML, SOAP, AJAX
  • Experience with application scanning tools like Websecurify (is a pre), IBM’s AppScan, HPs WebInspect, Acunetix and Netsparker
  • Experience with network vulnerability scanning tools like Tenables Nessus
zybrstate customized training
IT Security Specialist
Previous