Penetration Tester Resume Samples

4.9 (40 votes) for Penetration Tester Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the penetration tester job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume by selecting wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 10 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
DH
D Hettinger
Deron
Hettinger
911 Mayer Junctions
Chicago
IL
+1 (555) 222 3797
911 Mayer Junctions
Chicago
IL
Phone
p +1 (555) 222 3797
Experience Experience
05/2016 present
Phoenix, AZ
Senior Penetration Tester
Phoenix, AZ
Senior Penetration Tester
05/2016 present
Phoenix, AZ
Senior Penetration Tester
05/2016 present
  • No Supervisory responsibilities with this position
  • Perform infrastructure and application penetration tests, as well as physical security review and social engineering tests for our global clients
  • Perform application penetration tests across public and private networks
  • Perform assessments of security awareness training using social engineering
  • Develop testing scripts and procedures
  • Develop and leverage custom exploits
  • Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
06/2013 01/2016
Dallas, TX
Security Penetration Tester
Dallas, TX
Security Penetration Tester
06/2013 01/2016
Dallas, TX
Security Penetration Tester
06/2013 01/2016
  • Perform web application, mobile application and network penetration tests
  • Develop processes and implement tools and techniques to perform ongoing security assessments of the environment
  • Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary
  • Providing technical consultation on Security Tools and Technical Controls
  • + Development of ‘rules of engagement’ with partners
  • Develop security standards, policies, automation scripts
  • Perform security reviews of application designs and source code review
07/2007 03/2013
San Francisco, CA
Penetration Tester
San Francisco, CA
Penetration Tester
07/2007 03/2013
San Francisco, CA
Penetration Tester
07/2007 03/2013
  • Work with external vendors to perform penetration tests on network devices, operating systems, databases, and Applications as necessary
  • Create and hold workshops illustrating the state of the art of various technologies and assessment strategies
  • Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
  • Communicate technical vulnerabilities and remediation steps to developers and management
  • Be responsible for performing manual penetration testing and communicating your findings to both Business and Developers
  • Provides assistance to system users relative to information systems security matters
  • Work with application developers to validate, assess, understand root cause and mitigate vulnerabilities
Education Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
University of Memphis
Bachelor’s Degree in Computer Science
Skills Skills
  • Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work
  • Ability to continually refine the vulnerability offerings and deliverables
  • Strong technical ability in security related architecture design and assessment (manual approach to penetration testing)
  • Ability to communicate detailed technical information to a non-technical audience
  • Demonstrated ability to work on multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment
  • Strong knowledge of information security frameworks and standards
  • Strong technical ability in current application and infrastructure testing methodologies
  • Personal development. All of our professionals receive comprehensive training covering business acumen, technical and professional skills development
  • Demonstrated proficiency in basic computer applications, such as Microsoft Office software products
  • Strong organizational skills and ability to multi-task
Create a Resume in Minutes
1

Penetration Tester Resume Examples & Samples

  • Use your significant "ethical hacking" skills to identify security vulnerabilities in JPMG Mobile Native and Web
  • Perform web application dynamic scans and pen tests
  • Research and develop mobile testing tools for use by internal ethical hacking team
  • Develop mobile security threat models
  • Configuration and operation of scanning and testing tools and environment
  • Documentation of test results
  • Recommendation of counter-measures and remediation techniques
  • Correlate pen-test findings to any existing threat models and/or to static and/or dynamic scan results to identify "misses"
  • Significant previous overall technology experience
  • Strong knowledge and understanding of mobile security landscape
  • Hands-on experience with ethical hacking and penetration testing of mobile and web applications (iOS, Android, RIM)
  • Demonstrated ability to plan, develop, and execute security tests
  • Strong reporting and technical writing skills
  • Demonstrated experience with industry-standard security testing tools such as AppScan, Web Inspect, Burp Suite,
  • Thorough knowledge of TCP/IP ports and protocols
  • Demonstrated experience in shell scripting
  • Demonstrated experience in application level attacks including Web 2.0 technologies
  • Computer Science or related technical degree from an accredited institution, or equivalent work experience and practical
  • Minimum of one professional certification- (ideally CREST, otherwise CISSP, CISM, MCSD, GIAC, or CEH)
2

Penetration Tester Resume Examples & Samples

  • Use your significant "ethical hacking" skills to identify security vulnerabilities in JPMG Mobile Native and Web Applications
  • Correlate pen-test findings to any existing threat models and/or to static and/or dynamic scan results to identify "misses" and recommend improvements tothose other processes
  • 5 years of overall technology experience
  • Demonstrated experience with industry-standard security testing tools such as AppScan, Web Inspect, Burp Suite, Nessus, Nmap, Metasploit, viaLab and CANVAS
  • Required experience with one or more of the following mobile security testing tools: Agnito, CLang, Charles Proxy, oTool, iPhoneDbg, iPhone-dataprotection, Keychain_Dumper, iAuditor, PList Editor, trustme, Theos
  • Technical experience in network security products, cryptographic suites, firewalls, Web Application Firewalls/Application Security Gateways, application servers, routers, IDS systems
  • Minimum of one professional certification- (CISSP, CISM, MCSD, GIAC, or CEH preferred)
3

Senior Application Security Penetration Tester Resume Examples & Samples

  • Experience in a security consulting role
  • Experience performing application security assessments including web applications, mobile applications, and web services
  • Ability to perform manual source code review and find vulnerabilities in C/C++, C#, VB.NET, ASP, PHP, and Java
  • Experience with application analysis tools, and vulnerability scanners (burpsuite, appscan, etc.)
  • Experience with web service testing tools (soapUI, etc.)
  • Experience with disassemblers/decompilers/debuggers (IDA Pro, SWF Decompiler, etc.)
  • Strong technical writing and communication skills
  • Experience in developing proof-of-concept exploit examples
  • Application development experience
  • Experience reverse engineering, binary analysis, and disk and memory forensics
  • Experience with social engineering techniques (remote pre-texting, spear phishing, etc.)
  • Experience with physical security assessments (lock picking, camera evasion, etc.)
4

Senior Network Security Penetration Tester Resume Examples & Samples

  • BA/BS in Computer Science or equivalent practical experience
  • Experience performing network security assessments including wireless
  • Experience with network/wireless analysis tools, and vulnerability scanners (Nmap, Kali Linux, Metasploit, Kismet, etc.)
  • Experience with VoIP Security & War Dialing
  • Experience physical security assessments (lock picking, camera evasion, etc.)
  • Experience developing custom scripts or tools
  • Experience scoping engagements and developing technical proposals
  • Strong programming skills
  • Experience writing custom exploits and modules in Metasploit
  • Experience in a financial services environment
5

Penetration Tester Resume Examples & Samples

  • Have expert knowledge in at least one mobile platform (iOS, Windows Mobile, Android, Blackberry)
  • Have expert application reverse engineering skillset which can be applied to mobile platforms
  • In depth understanding of mobile code (Objective C, Java, etc)
  • Expert manual code review skills
  • Application
  • Mobile (iOS, Android, Windows, Blackberry)
  • Wireless
  • Social engineering
  • Physical assessment
  • Strong knowledge of information security frameworks and standards such as ISO17799/27001 and their application into diverse environments
  • Strong understanding of the security mechanisms associated with Windows or Unix operating systems, switched networks, web based applications and databases
  • Demonstrated ability to solve complex technical problems
  • Competent to discuss the underlying technology with product developers
  • Can describe major phases, activities, checkpoints and deliverables of the application development lifecycle
  • Understands the security controls/processes required to implement a robust secure application and can clearly articulate the risk associated with the failure of those controls/processes
  • Has detailed knowledge of the purpose of - and approaches to - security testing
  • Strong web application testing experience
  • Keen understanding of network security architecture
  • Experience in reverse engineering or disassembly
  • Technical risk assessment experience
  • Application Security Code Review (e.g. looking at a client's home-grown web-facing application & reviewing the security of the code)
  • Ability to identify specific information security technical build guides and best practice deficiencies within the global organization and develop and drive cross-functional correction strategies
  • Able to identify security requirements for business applications and data
  • Experience in evaluating the design effectiveness of IT security controls
6

Penetration Tester Network & Web Application Security Resume Examples & Samples

  • Use your significant security assessment skills to identify security vulnerabilities in JPMC applications and infrastructure
  • Work with application developers to validate, assess, understand root cause and mitigate vulnerabilities
  • Analyze software security threats and plan tests
  • Correlate pen-test findings to any existing threat models and/or to static and/or dynamic scan results to identify "misses" and recommend improvements to those other processes
  • 2+ years of overall technology experience
  • Strong knowledge and understanding of security landscape
  • Programming ability or development experience in at least one of the following languages: .NET (ASP.NET), Java, Perl, Python, Ruby, C/C++/ObjectiveC
  • System or network administration experience
  • Ability to plan, develop, and execute security tests
  • Ability to communicate and explain suggested remediation steps to developers
  • Experience with industry-standard security testing tools such as AppScan, Web Inspect, Burp Suite, Nessus, Nmap, Metasploit, viaLab, ZAP, and CANVAS
  • Understanding of TCP/IP ports and protocols
  • Clear understanding of how the software development lifecycle works in a large enterprise
  • Computer Science or related technical degree from an accredited institution, or equivalent work experience and practical knowledge
7

Penetration Tester Resume Examples & Samples

  • 10+ years of experience with IT-5+ years of experience with performing Web application security assessments and network penetration tests
  • Experience with testing at least 30 different Web applications using manual methods and using a Web proxy tool-Experience with multiple operating systems, including Windows and Linux
  • Knowledge of how to identify, exploit, and remediate the OWASP Top 10 Web vulnerabilities, including SQL Injection and XSS
  • Knowledge of IT security concepts, including network design, countermeasures, risk management, operational security, and attack techniques
  • Ability to perform manual penetration testing in addition to the use of scanning tools and produce client-ready deliverables
  • Ability to self-motivate and work with minimal guidance from a remote location
  • Experience with computer programming languages
  • Experience with system administration
  • Experience with Web application developer
  • Experience with training others on how to manually test Web applications for common vulnerabilities
  • Possession of excellent technical writing skills
  • BA or BS degree in Information Security or an IT-related field
  • Security+, CISSP, CPT, CEPT, ECSA, LPT, CEH, or other security Certification
8

Penetration Tester, Mid Resume Examples & Samples

  • 1+ years of experience with penetration testing tools, including Burp Suite, Nmap, Wireshark, Nessus, and Metasploit
  • 1+ years of experience with Perl, Python, or other scripting languages
  • Knowledge of common vulnerabilities and related attack vectors, including OWASP Top 10 and CWE/SANS Top 25-Ability to brief technical and non-technical audiences on security threats, vulnerabilities, and risks-Ability to obtain a security clearance
9

Penetration Tester, Senior Resume Examples & Samples

  • 12 years of experience as a penetration tester
  • Experience with a wide variety of tools for vulnerability and penetration testing
  • Experience with performing network and application level testing using established test protocols and methods
  • Experience with performing network and application-level testing
  • Experience with researching and evaluating emerging technologies relevant to information systems security
  • Knowledge of agency specific and federal security regulations
  • DoD 8570-1M Change 2 or CEH Certification
  • IAT Level III or IAM Level III Requirements Certification, including CISSP Certification
  • BA or BS degree in CS, IT, Engineering, or in a related field preferred in lieu of 4 years of experience in a professional work environment
  • Linux, Unix, Windows 2007, or CCNA Certification
10

Penetration Tester Resume Examples & Samples

  • Minimum of five (5) years IT security experience
  • Minimum of two (2) years technical experience performing web application vulnerability assessments and/or ethical hacking
  • Extensive knowledge of OWASP exploitation methodology and web application vulnerability standards
  • Experience with industry standard web application frameworks such as Burp Suite, AppScan, and Nikto but more importantly can think outside-the-box to develop tailored solutions for non-standard problems
  • Experience with network/wireless analysis tools, attack frameworks, and vulnerability scanners (Nmap, Nessus, Kali Linux, Metasploit, Kismet, etc.)
  • Experience with web-based programming, protocols, best practices, and cryptography
  • Experience with common computer operating systems, networking protocols, and host-based / network security products and capabilities
  • Experience developing custom tools and/or scripts to accomplish desired goals
  • Experience with applicable programming/scripting languages such as JavaScript, jQuery, Python, Ruby, etc
  • Experience performing mobile application security assessments
  • Experience with VoIP Security & War Dialing a plus
  • Familiarity with various network architectures, network services, system types, network devices, development platforms and software suites
  • Industry standard certifications such as CISSP, GWAPT/GPEN and OSCP/OSWE
11

Penetration Tester Resume Examples & Samples

  • Overall 7+ years of Information Security experience with one of the following
  • Advanced knowledge of networking fundamentals (all OSI layers)
  • Advanced knowledge of the Windows and *NIX operating systems to include boot process through understanding of the execution flow of boot time processes
  • Strong knowledge of software exploitation (web, client-server and mobile) on modern operation systems
  • Expert knowledge of networking protocols and packet analysis
  • Well versed in multiple security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others
  • Demonstrated understanding of financial sector, or other large organization, security and IT infrastructures
  • Able to work either independently or in a team
  • The ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective
  • Able to articulate and visually present complex forensic investigation and analysis results
  • Able to work under pressure in time critical situations
  • Excellent written and verbal communication skills are required
  • Ability to communicate effectively with business representatives in explaining forensic findings clearly and where necessary, in layman's terms
  • Ability to communicate with other industry forensic professionals to ensure solid partnerships with key external stakeholders to ensure that the forensic investigation process remains at a word class level
12

Penetration Tester / Ethical Hacker Resume Examples & Samples

  • Perform and lead application and network security vulnerability assessments
  • Perform and lead application and network penetration tests
  • Write vulnerability assessment and penetration test reports
  • Recommend additional lifecycle security activities where appropriate
  • Perform other security-related service delivery as utilization/load balancing may require/warrant
  • HP Technical Career Path Specialist level or above, or equivalent
  • Familiarity with one or more of: NIST SP 800-53, PCI-DSS, ISO/IEC 27001&2, or COBIT
  • Familiarity with key security testing tools: WebInspect, Nessus, Metasploit
13

Penetration Tester Secure Works Resume Examples & Samples

  • Maintain working knowledge of advanced cyber threat actor tactics, techniques and procedures (TTP), and emulate these TTP to assess vulnerability and risk
  • Conduct exploitation testing using off-the-shelf or self-developed exploitation tools, and document findings for client remediation
  • Excel as both a self-directed individual contributor and as a member of a larger team
  • Availability for domestic travel and limited international travel up to 50%
  • Apply innovation to improve service efficiency and service value
  • Suggest or implement enhancements to internal systems
  • Interface with Counter Threat Unit (CTU) and Incident Response (IR) teams
14

Senior Penetration Tester Resume Examples & Samples

  • Strong, hands-on technical knowledge of network and PC operating systems, including Firewalls, IDS/IPS, Windows, UNIX (Linux, AIX, HPUX, Solaris, etc.), TCP/IP, etc
  • Excellent hardware and software troubleshooting experience
  • Competence with security testing tools and procedures for information security
  • Staff an on-call rotation
  • 6-8 years of experience with Information Security related activities
  • Experience conducting analysis and containment of potential data breeches or cyber security incidents
  • Familiar with scripting/coding skills with a focus on tool integration
  • Information Security Certifications, such as CISSP, GIAC, OSCP, CEH
  • No Supervisory responsibilities with this position
15

Cyber Vulnerability Analyst & Penetration Tester Resume Examples & Samples

  • Practiced experience executing, ethical hacking and penetration testing
  • Significant knowledge regarding security vulnerabilities, application analysis, and protocol analysis
  • Knowledge of and practiced experience with penetration testing and ethical hacking products
  • Knowledge of and ability to manage vulnerability scans against a range of assets
  • Experience devising methods to automate testing activities and streamline testing processes
  • Practical experience with Linux and Windows operating systems
  • Familiarity with common programming or scripting languages
  • Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion
  • Practiced knowledge performing vulnerability assessments against servers, workstations, web applications and other components
  • Knowledge regarding security vulnerabilities, application analysis and protocol analysis
  • Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools)
  • Ability to understand information security risks associated with vulnerability and penetration testing
  • Knowledge of patching programs of major hardware/software manufacturers
  • Knowledge of secure configuration and hardening of systems
  • Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE)
  • Bachelor’s degree in Computer Science or related field required. At the manager’s discretion, additional relevant experience may substitute for the degree requirement
  • Typically requires 3+ years’ experience performing vulnerability assessments and penetration testing
  • Experience applying ethical hacker techniques, phishing schemes, emerging logical security threats, and compromised server techniques
  • Current CEH, GPEN, CISSP, and GCIA certifications preferred
16

Information Security Engineer Penetration Tester Resume Examples & Samples

  • Have working and usable knowledge in either Ruby, Python, C/C , or Assembly
  • Have working knowledge with Metasploit, Core Impact, Canvas, and other exploitation frameworks
  • Think outside-the-box
  • Have contrarian thinking with attention to detail, with carefully organized action
  • Analyze target systems, continually thinking about how to unravel their defenses
  • Approach problems in a different way than “normal” Systems Admins would
  • Be able to spot weaknesses and logic flaws that other people might miss
17

Bluemix Security Penetration Tester Resume Examples & Samples

  • At least 1 year experience in security scanning tools
  • At least 1 year experience in Linux/Windows OS security
  • At least 1 year experience in network security
  • At least 1 year experience in Testing Representational State Transfer (REST) interfaces
18

Senior Penetration Tester Resume Examples & Samples

  • Perform infrastructure and application penetration tests, as well as physical security review and social engineering tests for our global clients
  • Perform vulnerability scanning and assessments
  • Perform application penetration tests across public and private networks
  • Perform assessments of security awareness training using social engineering
  • Develop testing scripts and procedures
  • Develop and leverage custom exploits
  • Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
  • Other security-related projects that may be assigned according to skill
  • Minimum of 5 years work experience performing security penetration tests or internal technical security audits
  • Minimum of 5 years of IT experience
  • Strong ethics and understanding of ethics in business and information security
  • Proficient written and oral communication skills
  • Investigative skills
  • Experience with exploitation frameworks (e.g., MetaSploit, Core Impact, Canvas)
  • Understanding and familiarity with common penetration testing methods and standards
  • Understanding of security issues on both Microsoft and *NIX operating systems
  • Ability to complete tasks and deliver professionally written reports for clients
  • Ability to present and articulate findings to technical staff and executives
  • Possess current security certifications (e.g., CISSP, CEH, GPEN, GXPN)
  • Working knowledge of Security principles, techniques and technologies
  • Expert understanding of network protocols, design and operations
  • Degree in either Computer Engineering, Computer Science, or Information Systems Management
  • Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
  • Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
  • Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify
  • Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
  • Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
19

IT Security Penetration Tester Resume Examples & Samples

  • Knowledgeable with Cybersecurity tools, particularly MetaSploit, nMap, QualysGuard, ArcSight, Splunk, Archer among other tools used to conduct required testing
  • Experienced and effective with information security technology design, development, and implementation
  • Good understanding of the TWC business goals and objectives
  • Knowledge of applicable regulatory requirements, data privacy practices and security control frameworks
  • 5-7 years of experience with Information Security related activities
20

Senior Penetration Tester Resume Examples & Samples

  • Minimum of 4 years in Information Security Field
  • Vulnerability Research and Exploit Development
  • Penetration Testing Execution Standard Automation Framework (PTES)
  • Previous experience with teaching application security to developers
  • Must code in one or more languages such as Java, Python, Ruby, PHP, or .Net
  • Penetration Testing – WebInspect, Acunetix, Netsparker Appscan, Fortify, Ounce, Vercode, Burp Suite, NMAP, Nessus, Metasploit, Core Impact, Qualys, Kali Linux, Backtrack, Samurai WTF, OWASP ZAP, SQLMap and manual tools
  • Red Team Operations
  • Previous experience with debugging and fuzzing binaries
  • Experience with multiple SDLC’s such as Agile, Dev Ops, and Waterfall
  • Previous software development experience
21

Senior Penetration Tester / Ethical Hacker Resume Examples & Samples

  • Demonstrates extensive expertise in security and engineering practices. Integrates broad working knowledge in related disciplines to apply integrated security solutions for complex business situations
  • Perform formal security reviews of application designs, source code and deployments as required, covering web application, web services, mobile applications, network, and other computer systems
  • Possesses basic understanding of cyber incident and response and related current events
  • Complete project work accurately and within deadlines as required
  • Integrate security risk information into penetration testing process
  • Develop and maintain effective working relationships with clients and other team members
  • Supports/mentors skill development within the team
  • Demonstrated ability to methodically analyze problems and identify solutions
  • Makes decisions which influence and impact the success of cross-team initiatives
  • Investigates and recommends approaches and systems that meet quality, performance and sustainability criteria
  • Drives continuous improvement in establishing and meeting system level performance measures
  • CISSP, GPEN, GWAPT, GXPN, OSCP or other information security certification
  • Experience in vulnerability identification and remediation is required
  • Network penetration testing experience strongly desired
  • Experience with mobile application and operating systems a plus
  • Experience with commercial application scanning tools
  • Experience with network tools such as Nessus, Nexpose, nmap, etc
  • Experience with various security tools and products (Fortify, AppScan, etc.)
22

Penetration Tester Resume Examples & Samples

  • Enhance current processes/methodologies around the Penetration Testing capability
  • Interprets the identified vulnerabilities, removes false positives and provides a detailed report, with risk, impact, recommendations to remediate the risk, and step by step instructions for reproducing the issue
  • Develop reports and metrics for management and remediation teams
  • Research and determine Penetration Testing tools to be used by internal Ethical Hacking team
  • Partner with Risk and Compliance teams
  • Share knowledge and mentor new team members and peers
  • Consult with different teams on strategic initiatives as well as highly technical projects that have regulatory concerns
  • Work with external vendors to perform penetration tests on network devices, operating systems, databases, and Applications as necessary
  • Ensure the Ethical Hacking practice is incorporated into the SDLC process
  • 3 years of general IT Risk/Vulnerability Management experience
  • 1 or more years’ experience performing network and/or application penetration testing
  • Experience with Windows/UNIX/Linux/IOS operating systems
  • Working knowledge of network communications and technologies (ie routers, switches, firewalls)
  • Bachelor's degree in information security, computer science, engineering, or equivalent experience
  • 3 or more years’ experience performing network and/or application penetration testing
  • 5 years of general IT Risk/Vulnerability Management experience
  • Mobile Application development and pen testing
  • Knowledge and use of Pen testing tools (Metasploit, Kali, Burp, others…)
  • Understanding of current threats and exploits to include experience with threat remediation
23

Penetration Tester Resume Examples & Samples

  • Maintain and increase areas of technical competence to enhance depth and breadth of assessment/penetration testing abilities through advanced training
  • Create and hold workshops illustrating the state of the art of various technologies and assessment strategies
  • Build an effective network of relationships with Barclays technology partners globally to ensure the trust and credibility of team is developed
  • Proven experience in security architectural considerations for cross-functional, cross-platform applications
  • Have superior time management and organizational skills to undertake multiple critical penetration tests concurrently
  • Understanding routine IT security monitoring and administration tools
24

Cyber Vulnerability Analyst & Penetration Tester Resume Examples & Samples

  • Responsible for conducting vulnerability assessment scans, assisting with penetration testing, exposing security vulnerabilities and risks, and recommending solutions to mitigate such vulnerabilities
  • Contributes to building and delivering services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production
  • Tracks public and privately released vulnerabilities and assists in the corporate triage process including: identification, criticality evaluation, remediation planning, communications, and resolution
  • Conducts vulnerability assessment scans, exposing security vulnerabilities and risks and recommending solutions to mitigate such vulnerabilities
  • Educational knowledge of, or limited experience executing, ethical hacking and penetration testing
  • Introductory knowledge regarding security vulnerabilities, application analysis, and protocol analysis
  • Strong attention to detail. Strong verbal and written communication skills
  • Knowledge regarding security vulnerabilities, application analysis and network protocol analysis
  • Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice
  • Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE)
  • At the manager’s discretion, additional relevant experience may substitute for the degree requirement
  • Typically requires 1+ years’ experience performing vulnerability assessments and penetration testing
  • Experience applying ethical hacker techniques, phishing schemes, evaluating emerging logical security threats, and compromised server techniques preferred
25

Mobile Penetration Tester Resume Examples & Samples

  • Hands-on experience with security scans and vulnerability assessments of mobile applications and devices
  • Familiarity with various open source and commercial mobile security assessment tools and technologies
  • Basic knowledge of mobile forensics
  • Ability to perform research and develop mobile testing tools for use by internal teams
  • Ability to analyze and develop mobile security threat models and test plans
  • Experience working with mobile application developers to validate, assess, understand root cause and mitigate vulnerabilities
  • Experience with configuration and operation of scanning and testing tools and environment
  • Ability to effectively documentation of test results
  • Experience with network, server, mobile/web application ethical hacking and exploitation
  • Experience using XCode or Eclipse for mobile testing
  • Understanding of Windows, *Nix, Android and iOS filesystems and security architecture along with scripting capabilities
  • Hands-on experience with mobile device forensics and analysis
  • Hands-on experience with mobile application reverse engineering, security/source code analysis and binary patching
  • Demonstrated experience with mobile security tools such as NowSecure Lab, Drozer, Substrate, Xposed-Framework and etc.…
  • Understanding of Mobile Device Management services
  • Familiarity with common vulnerabilities in major operating systems (i.e., Windows, Unix and iOS/Android) and ability to track the emergence of new exploitation techniques
  • Bachelor’s Degree in Engineering or Technology related fields a major plus
  • 2 to 4 years of mobile application security assessment experience
  • GMOB, GWAPT, GPEN Certification
26

Penetration Tester Resume Examples & Samples

  • Engage in threat hunting activities to proactively search for threats in the enterprise environment
  • Guide security strategy through interaction with and direction to, when necessary, other teams in Information Security (e.g. network operations, Cyber Threat Operations Center (CTOC), vulnerability management) along with information and liability risk officers and technology management
  • Aid team members for enhancement and enrichment of security monitoring tools with contextual information
  • Adhere to all policies and standards, as well as regulatory requirements regarding reporting and escalations
  • Demonstrated advanced knowledge of cyber security operations with master of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation
  • Demonstrated experience with systems for automated threat intelligence sharing using industry standard protocols such as Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indication Information (TAXII)
  • Advanced knowledge of processes, procedures and methods to research, analyze, and disseminate threat intelligence information
  • Ongoing passion for learning about information security through self-education
  • Ability to formulate, lead and persuade individuals, large teams and communities on ideas, concepts, and opportunities
  • Consistent history of delivering on commitments
  • Knowledge of the incident handling procedures and intrusion analysis models
  • Proven communication skills, both written and verbal, to both business and technology audiences
  • Ten years of experience
  • Industry certifications in networking, such as Cisco Certified Network Associate (CCNA), Certified Wireless Network Administrator (CWNA) and/or Net+
  • Experience in the Intelligence Community (IC)
27

Penetration Tester Resume Examples & Samples

  • Strong technical abilities to conduct infrastructure and application security assessments employing a variety of techniques (both automated and manual) throughout the full pentesting delivery cycle (recon, vulnerability assessment, exploitation, lateral movement),
  • Mobile penetration testing
  • Social engineering skills
  • Physical penetration testing
  • Security source code reviews
  • Industrial Control Systems (SCADA) testing
  • Incident response/forensics analysis
  • Has Full UK Driving License
  • SC Security Clearance
  • CREST certification
  • Certified at CHECK team member/leader or equivalent (CREST or TIGER (Cyber Scheme)
  • OSCP
28

Penetration Tester Resume Examples & Samples

  • Scanning and discovering rouge hosts, networks, and devices and scanning and discovering vulnerable systems and applications
  • Source code review, threat modeling and penetration testing on various platforms
  • Provide network/application vulnerability assessment and penetration testing services globally through a comprehensive testing process, as well as identifying weaknesses and vulnerabilities within the system and proposing countermeasures
  • Typical assignments involve testing of the overall security of critical infrastructure components and applications to ensure compliance with internal policies, security architecture best practices, and industry standards
29

Senior Penetration Tester Resume Examples & Samples

  • Vulnerability Management and Threat Intelligence
  • Influence feature design, architecture, standards & processes to ensure Security
  • Conduct advanced network security forensics
  • Assessment and recommendation of Web Application Security
  • Influence culture to be security minding at all times
  • Ability to automate tasks using scripting or other programming language
  • Identify gaps in current technology & processes & recommend improvements
  • Collaborate at depth with peers in Development & Program Management
  • Proven experience as a team player working with devops groups to continuously improve security posture
  • Working knowledge of industry standard tools and systems related to penetration testing and forensics
  • Deep hands‐on technical expertise in large scale systems engineering & complex distributed systems architectures
  • Able to articulate and visually present attack and mitigation strategies and concepts
  • Demonstrated expertise in web services, virtualization, cloud concepts, REST, JSON, YAML, XML, SQL, PHP, LDAP, & object oriented methodologies
  • Solid understanding of network routing, load balancing, & Internet transport protocols
  • 7+ years’ experience providing security insight and solutions in large scale environments
  • Strong analytical and troubleshooting capabilities
  • Ability to manage multiple priorities, commitments & projects
  • Demonstrated passion for customer experience & usability, including successful delivery of customer self‐service tools & automated management/optimization of services
30

Red Team Operator / Penetration Tester Resume Examples & Samples

  • Network penetration testing
  • Application (web, mobile, etc.) penetration testing
  • Social engineering (e-mail phishing, phone, physical, etc.)
  • Red Team operations
  • Strong understanding of networking fundamentals (all OSI layers, protocols, etc.)
  • Strong understanding of Windows/Linux/Unix operating systems
  • Strong understanding of operating system and software vulnerabilities and exploitation techniques
  • Strong understanding of web application vulnerabilities and exploitation techniques, covering the OWASP Top 10 as a minimum
  • Strong knowledge of and experience with commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post-exploitation (e.g. Nmap, Nessus, Metasploit, Burp Suite, etc.)
  • Ability to deliver high quality reporting on technical issues identified and providing remediation guidelines
  • Bachelor's Degree in Engineering or Technology related fields a major plus
  • SANS (GPEN, GXPN, GWAPT), Offensive Security (OSCP, OSCE), CREST/Tiger Scheme Certified Tester certifications or equivalent strongly desired
  • Knowledge of malware packing, obfuscation, persistence, exfiltration techniques
  • Knowledge and experience in using interpreted languages (Ruby, Python, Perl, etc.) and/or compiled languages (C, C++, C#, Java, etc.)
  • Experience in developing in house tools / scripts to improve delivery and facilitate testing operations
  • Ability to perform targeted, covert penetration tests with vulnerability identification, exploitation and post-exploitation activities with no or minimal use of automated tools
  • Well versed in security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others
  • Understanding of financial sector, or other large organization, security and IT infrastructures
  • Ability to articulate and visually present complex penetration testing and red team results
  • Ability to work effectively independently and in a team
  • Ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective
  • Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work
31

GIS Penetration Tester Resume Examples & Samples

  • Design and execute penetration tests against a variety of technologies including web application, mobile and infrastructure
  • Work within virtual teams of security and technical specialists to ensure quality delivery of leading solutions to our internal clients
  • Provide reports which highlight and clearly articulate vulnerabilities and weaknesses to clients in terms they understand
  • Infrastructure
  • Code review
  • Excellent understanding of security strategies and technologies including secure network design, e-Channels, remote computing, desktop and server hardening, secure web services, Compliance Auditing, Secure Software Development Lifecycles, Software Audit
  • Extensive experience creating innovative solutions and responding to information security incidents a strong plus
  • Able to explain security functionality from first principles
  • Understands core development methodologies and their associated technologies
  • Excellent TCP/IP knowledge and understanding of security implications/issues over the OSI model
  • Proven programming / scripting skills
  • Good awareness and understanding of the Barclay’s business unit responsibilities and structure
  • Can describe deliverables associated with the requirements analysis and definition
32

It-penetration Tester Resume Examples & Samples

  • 1) Executes tests of web-based applications, networks, end user systems, servers and other infrastructure systems with automated and manual tools
  • 2) Works with developers and application owners to identify and prioritize vulnerabilities based on business criticality
  • 3) Documents, tracks, and reports on exposures in a timely manner
  • 4) Identifies security risks and exposures, determines the cause of security violations and suggests procedures to halt future
33

Consulting Risk Advisory Security & Privacy Penetration Tester Resume Examples & Samples

  • Perform application and network penetration tests for our global clients
  • Use commercial scanning tools such as BurpSuite, Nessus, and other commercial products to analyze systems for vulnerabilities, and provide risk reduction recommendations
  • Performing manual verification of vulnerabilities to reduce false positives
  • Understanding of common regulatory or standards-based control frameworks such as PCI-DSS, ISO 27001/2, NIST 800-53, etc
  • Creating comprehensive security assessment reports
  • Interfacing with clients to gather information and investigate security controls
  • Maintaining industry credentials/certifications
  • Supporting ongoing development of security assessment service offerings
  • Bachelor's degree in Computer Science, Computer Engineering, Cyber-Security, Information Security or a related field or equivalent experience
  • Minimum 4 years of experience conducting application and network penetration testing
  • Ability to travel as needed (up to 35%)
  • GIAC GPEN, Offensive Security Certified Professional (OSCP), CISA, CISSP or Offensive Security Certified Expert (OSCE) preferred
  • Implementation of vulnerability management programs is a plus
  • Prior consulting or professional services background preferred
  • Knowledgeable regarding Sarbanes-Oxley Act, Payment Card Industry (PCI), and SOC
  • Experience with an accounting or consulting firm preferred
  • Strong verbal and written abilities
  • Strong multitasking and project management skills
34

Consulting Risk Advisory Services Security Penetration Tester Resume Examples & Samples

  • Perform Internet penetration testing (blackbox/greybox /whitebox testing) and network architecture reviews (manual/automated)
  • Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments
  • Assist with the development of remediation recommendations for identified findings
  • Help identify improvement opportunities for assigned clients
  • This position is for individuals with 1-6 years of experience within the cyber security space, with a preference for prior consulting or professional services backgrounds. Other candidates may be considered based on experience and skill sets
  • Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices
  • Bachelor’s degree in computer science or related field from an accredited college/university
  • Technical background in networking/system administration, security testing or related fields
  • Two or more years of Perl, Python, Bash, or C experience
  • Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.)
  • Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
  • Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
  • Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.)
  • In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®)
  • Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client’s senior management team
35

Penetration Tester Resume Examples & Samples

  • Penetration testing (ethical hacking) applications and network environments
  • Writing test and penetration plans and documenting your results
  • Performing reconnaissance and network surveys to map your targets
  • Researching tools and security exploits
  • Consulting with clients on high-level strategic initiatives as well as highly-technical and detailed regulatory compliance projects
  • Learning the tricks of the trade from experienced mentors
  • Blogging about your new security finds
  • Be proficient with all the usual suspects
36

Information Security Penetration Tester Resume Examples & Samples

  • Certified Information System Security Professional
  • At least 7 years experience with processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data
  • Product and vendor evaluation
37

Principal Penetration Tester Resume Examples & Samples

  • Lead testing efforts on Fidelity's assets, including web and mobile applications and supporting systems
  • Consult with operations and software development teams to ensure potential weaknesses are addressed
  • Stay current on security best practices and vulnerabilities
  • 8+ years of IT experience
  • 4+ years of hands-on web application penetration testing / ethical hacking experience
  • Preferred - CISSP, CEH, LPT, OSCP, GPEN or other industry security certification
  • Ability to demonstrate manual testing experience including all of OWASP Top 10
  • Advanced knowledge of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
  • Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, BackTrack, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider
  • Advanced knowledge of C, C#, Python, Objective C, Java, Javascript, SQL,
  • Advanced knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX
  • Advanced Experience with Enterprise Java or .NET web application frameworks, including Struts and Spring
  • Proven analytical and problem solving skills, as well as the desire to assist others in solving issues
  • Highly motivated with the willingness to take ownership / responsibility for their work and the ability to work alone or as part of a team
  • Full commitment to customer satisfaction and the highest ethical standard
38

Penetration Tester Resume Examples & Samples

  • Participate in testing efforts on Fidelity's web and mobile applications and supporting systems
  • Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats
  • Upon completion of the assessment, you will prepare reports and present the results to application owners, developers, and business unit information security teams
  • Analyze test results, draw conclusions from results, and develop targeted exploit examples
  • Contribute to the research or development of tools to assist in the vulnerability discovery process
  • Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of Fidelity's applications and infrastructure
  • Bachelors degree in Computer Science (or related field) or equivalent experience
  • 5+ years of IT experience
  • 1+ years of hands-on web application penetration testing / ethical hacking experience
  • Intermediate knowledge of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
  • Technical knowledge of, and the ability to recognize, various types of application security vulnerabilities
  • Intermediate knowledge of C, C#, Python, Objective C, Java, Javascript, SQL,
  • Intermediate knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX
  • Intermediate knowledge of web frameworks, including XML, SOAP, J2EE, JSON and Ajax
  • Experience with Enterprise Java or .NET web application frameworks, including Struts and Spring
  • Excellent interpersonal skills with a strong interest in the application security domain
  • Excellent communication and presentation skills and a proven ability to communicate threats and facilitate progress towards long-term remediation
39

Penetration Tester, Mid Resume Examples & Samples

  • 1+ years of experience with participating in Cybersecurity testing events, including configuration analysis, vulnerability assessments, or penetration testing in a data gathering role as a tester or analyst
  • 1+ years of experience with Linux or UNIX-based operating systems, including command line interfaces
  • Experience with NMap, Tenable, Nessus, OpenVAS, Metasploit, Core Impact Pro, Burp Suite, or Nikto
  • CompTIA Security+, CISSP, GSEC, CASP, CISA, or Certified Ethical Hacker (CEH) Certification required
  • Experience with US Navy Afloat systems
40

Penetration Tester, Senior Resume Examples & Samples

  • 7+ years of experience in two or more of the following: network vulnerability assessments, Web application security testing, network penetration testing, red teaming, or security operations or hunt
  • Experience with tools, including Nessus, WebInspect, AppDetective, Hailstorm, Metasploit, Burp Suite Pro, Aircrack-ng, and Kismet
  • Knowledge of applications, database, and Web server design and implementation
  • Knowledge of open security testing standards and projects, including OWASP
  • Experience with wireless LAN security, including 802.11 standards
  • Experience with hardware reverse engineering using JTAG or UART
  • Experience with physical security assessments, including the use of proxmark3 or similar proximity card spoofing or copying device
  • Ability to display enthusiasm for security and technology
  • BS degree in Computer Engineering or CS or a technical field preferred
41

Red Team Penetration Tester, Senior Resume Examples & Samples

  • Experience with multi-vector penetration testing using Core Impact preferred
  • BA or BS degree
  • 8570 IAT Level II Certification and CNDSP Auditor Level I or Level II preferred
42

Penetration Tester, Senior Resume Examples & Samples

  • 5+ years of experience in security with practice in penetration testing and vulnerability assessments
  • 2+ years of experience with vulnerability analysis or reverse engineering
  • Knowledge of software development in C++ or Java
  • Knowledge of building and managing Virtual systems, including VMware, ESXi, Xen, or Virtualbox
  • Experience with programming in C, C++, C#, Java, ASM, PHP, Perl, Microsoft .NET, Python, or Ruby and Linux or UNIX Shell Scripting
  • Experience with problem solving through using out-of-the-box approaches
  • Knowledge of penetration attack strategies for Web services, databases, and e-mail, Forensics tools, and Cryptography principles
  • Knowledge of Enterprise level solution storage and databases, including relational databases, database management systems, enterprise storage systems, or security concerns for these systems
  • CEH: Certified Ethical Hacker Certification
  • CPT: Certified Penetration Tester Certification
  • CEPT: Certified Expert Penetration Tester Certification
43

IT Risk Penetration Tester Resume Examples & Samples

  • Hungarian, English knowledge is needed
  • Solid knowelde of IT technologies (network protocols, operating systems, database systems, middlewares, and architecture patterns)
  • Hands on experience on administration of Linux and Windows systems
  • Hands on experience on one ore more database systems
  • Proficiency in one or more multi platform scripting language. (eg. Perl or Python)
  • Solid knowledge of the various vulnerability types, their root cause, exploitation techniques and mitigation patterns
  • Hands on experience with the following tools
  • Hands on Antivirus and IDS alert avoidance experience
  • Exploit development experience
  • Reverse engineering experience
  • GIAC Certified Penetration Tester (GPEN) / Certified Expert Penetration Tester (CEPT) /Offensive Security Certified Professional (OSCP) or other relevant certificates
44

Penetration Tester, Mid Resume Examples & Samples

  • 1+ years of experience with participating in Cybersecurity testing events, including configuration analysis, vulnerability assessments, or penetration testing as a tester or analyst in a data gathering role
  • Experience with NMap, Tenable Nessus, OpenVAS, Metasploit, Core Impact Pro, Burp Suite, or Nikto
  • CompTIA Security+ Certification, CISSP Certification, GSEC Certification, CASP Certification, CISA Certification, or Certified Ethical Hacker (CEH) Certification required
45

Junior Penetration Tester Resume Examples & Samples

  • Conduct full penetration tests of enterprise networks, web applications, mobile applications, and wireless networks
  • Perform additional security services for customers including social engineering campaigns, physical security tests, source code review, and online reconnaissance
  • Provide vulnerability context and remediation information to customers in detailed technical reports
  • Research evolving exploits, techniques, and tools in support of penetration testing efforts
  • Work as part of a team or independently when necessary
  • 2+ years experience in information security or related field
  • Bachelor’s degree in Cybersecurity, Digital Forensics, or related field
  • High familiarity with Windows and UNIX environments at command line level
  • In-depth knowledge of TCP/IP protocol and commonly used ports
  • Experience with penetration testing tools such as nmap, Nessus, Kali, Metasploit, Nikto, Burpsuite, etc
  • Knowledge of common web application attacks such as SQL injection, cross-site scripting, session hijacking, cross-site request forgery, etc
  • The ability to learn, study, and adapt to ever-changing vulnerabilities and testing methodologies
  • Strong written/oral communication and technical writing skills
  • Familiarity with OWASP and NIST risk and vulnerability structures
  • Relevant certifications such as GPEN, OSCP, etc
  • Advanced degree in an information security field
  • Programming skills in Python, Perl, Ruby, or other relevant languages
46

Cyber Security Penetration Tester Resume Examples & Samples

  • Minimum Bachelors degree and 6 years experience or 10 years equivalent experience without a degree; degree should be focused on engineering or applied science. TS/SCI clearance required
  • Must possess or be willing to obtain the CISSP and a Penetration Tester (i.e., GPEN, L|PT, GPXN) certification within 6 months upon arrival at the customer site
  • Must pass customer training and certification program and remain mission ready qualified
  • MCTS, Linux+, C|EH and GREM certifications a plus
  • Hands on knowledge and experience with The Metasploit Framework and Burp Suite; a background in applications development, a plus
  • Strong knowledge of Windows® Internals, Windows® Application Programming Interfaces (API), Portable Executable (PE) formats, Windows® Registry, and security models
  • Familiarity with the following protocols: ARP, DHCP, DNS, DSN, FTP, HTTP, IMAP, ICMP, IDRP, IP, IRC, NFS, POP3, PAR, RLOGIN, SMB, SMTP, SSL, SSH, TCP, TELNET, UDP
  • Analytical with the ability to understand and implement customer objectives
  • Experience or familiarity with military operations highly desirable
  • Previous experience in penetration testing preferred (3-5 yrs)
47

Penetration Tester Resume Examples & Samples

  • C++
  • Javascript
  • Ruby
48

Red Team Penetration Tester Resume Examples & Samples

  • Effective analytical and critical thinking skills - proven problem solving and follow-thru
  • Effective documentation and verbal communication skills in customer-facing roles Demonstrated successful ability to multi-task and perform in an interrupt-driven, non-deterministic environment while working independently and as a team
  • Demonstrated self-starter and team player with ability to quickly learn new concepts with guidance from senior team members
  • Ability to foster new ideas/concepts and generate synergy with the team, positive, team and mission-oriented attitude, self-motivate when given strategic goals
  • Ability to lead others and deliver results (brief leadership, customers, etc.)
  • Knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP) with the ability to emulate these TTP to assess vulnerability and risk
  • Familiarity with Advanced Persistent Threat (APT) activity; Offensive attack hacker mindset
  • Familiarity with Information Security practices
  • Comfortable executing information system penetration testing techniques and tools
  • Intelligence – indicators, contacts, information gathering, OPSEC, OSINT, etc
  • Practical experience with UNIX based and Windows operating systems
  • Incident Response – forensics and system/network integrity
  • Password cracking, encryption and algorithm analysis, etc
  • Application Analysis – Fuzzing, Reverse Engineering, Disassembling (IDA, OllyDbg)
  • Demonstrated proficiency in development of applications, custom tools, and solutions in various coding languages to include SQL, python, Django, perl, ruby, PHP, Java, etc
  • Experience with security tools such as – Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various testing tools
  • Skills in open source data collection (OSINT) and acquisition such as investigating, researching, google hacking, etc
  • Database experience – (Oracle, MSSQL, MySQL, MongoDB)
  • Certifications (CEH, CEPT, LPT, ECSA, Security+, GIAC {Web, wireless, forensics, mobile, exploit researcher})
49

Senior Penetration Tester Resume Examples & Samples

  • Serving as the Security Compliance and Testing Lead for assigned systems
  • Analyzing IC ITE software and data services for variances from IC security policies
  • 12 years or more of developing, implementing, integrating, maintaining, and evaluating security engineering and security architecture for IT enterprise architectures
  • Active Certified Information Systems Security Professional certification (CISSP)
  • Very familiar with at least one of the following: NSA, CIA, NRO, NGA, DIA, DHS, FBI or DoD information security architectures
  • Very familiar with the Federal Information Security Risk Management Framework (RMF)
  • Active Certified Ethical Hacker (CEH) certification
50

Senior Penetration Tester Resume Examples & Samples

  • Using ethical hacking techniques to discover and exploit vulnerabilities on client applications and infrastructure
  • Testing a wide range of operating systems and technologies for vulnerabilities, flaws, improper configurations, and other issues
  • Advising a wide range of clients on remediation strategies and best practice
51

IT Security Penetration Tester Resume Examples & Samples

  • Conduct formal vulnerability assessments and penetration tests of networks, systems, web-based applications, and other types of information systems on a regular basis
  • Penetration testing and code review
  • Prepares technical reports by collecting, analyzing, and summarizing information and trends Assessments and Social Engineering
  • Conduct social engineering tests (physical, phishing, pre-texting) of client environments
  • Understanding security fundamentals and common vulnerabilities
  • Network and web-related protocol knowledge
  • Demonstrate critical thinking and creative analysis techniques in distilling test results, eliminating false positives and providing actionable recommendations for mitigation
  • Evaluate/define solutions for securing wired/wireless networks, databases and applications
  • Perform analysis of client security organizations, policies and procedures
  • Execute tests independently or work as part of testing team, taking direction from team lead(s) and executing directives in a thorough and timely fashion
  • Perform testing using defined methodologies and a combination of automated and manual tools
  • Perform physical security assessments of networks and computer systems
  • Conduct regular security audits from both a logical and a technical/hands-on standpoint
  • Vulnerability assessment
  • Understanding security fundamentals and common vulnerabilities (e.g. OWASP Top Ten)
  • Experience in security engineering, system and network security, authentication and security protocols, applied cryptography, and application security
  • Scripting/programming skills (e.g., Python, Ruby, Java, JS, etc.)
  • Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Certified PEN Tester, CHFI or CEH
52

Manual Application Penetration Tester Resume Examples & Samples

  • Understanding application configuration
  • Understanding Application design-ports being used, etc
  • Ability to do at least some code review
  • Min 3 years of experience penetration/vulnerability testing for web and thick-client applications in an enterprise environment
  • 1 year of manual penetration testing
  • Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc
  • Ability to see what information is being transferred over internet connection
  • Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc
  • Full grasp and ability to articulate and/or train others on the “OWASP Top 10” and related concepts
  • Minimum 3 years of experience with programming and/or scripting in one or more of the following languages: .NET, Java, PHP, Ruby, Perl, Bash, or similar language
  • Minimum 3 years of experience with SQL, including a strong understanding of SQL syntax and the ability to perform basic management of MS SQL databases
  • Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners
  • Ability to capture and analyze network traffic at all seven layers of the OSI model, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data
  • Have a solid grasp of core security fundamentals and concepts, including knowing one’s system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc
  • Minimum 3 years of experience with enterprise-level security control implementations, including Network Intrusion Detection/Prevention (NIDS/NIPS), Corporate Antivirus, Enterprise Web Filtering, Data Loss Prevention, Insider-threat Mitigation, Botnet Detection, etc., as well as demonstrable knowledge of the principles and techniques used to bypass said controls
  • Ability to create extremely high quality written reports containing the findings from web and thick-client vulnerability assessments, as well as the ability to articulate those findings to peer technical staff as well as various levels of management
  • Preference is for candidates with two or more of the following certifications: GSEC, GWAPT, CISSP, GPEN, GXPEN, CISA, CISM, OSCP, OSCE
53

Senior Penetration Tester Resume Examples & Samples

  • Penetration testing: you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, and, in collaboration with other penetration testing and red teams around the company, demonstrate the value of an “Assume Breach” mentality
  • Emerging Threat and Vulnerability Research - You will be identify and evaluate new areas for research, perform analysis into emerging threats, including proactive security research on the technologies that Azure and our customers utilize and depend on
  • A very high level of creativity, excellent communication skills, and an ability to work independently are critical
  • Security Assessments - Parlaying research and knowledge into threat models and security assessments of Azure services, platforms and infrastructure
  • You have a goal to prioritize areas of security risk while identifying and addressing risks that affect Azure’s ability to protect, detect, investigate, and recovery from security vulnerabilities and targeted attacks
  • Tool Prototypes & development to automate penetration testing and the detection of vulnerabilities across a suite of Azure services
  • To thrive in this position, you will need a deep technical understanding of multiple classes of security defects, along with a strong development skills and an understanding of popular languages and platforms, and the ability to learn new information at a rapid pace
  • A strong track record in security consulting, penetration testing, and general hacking are critical, but the willingness and drive to improve the state of the art overall is even more important
  • Bachelors of Science, Bachelors, BA, BA CS, Computer Science, Mathematics, Engineering degree or equivalent experience
  • 10 or more years experience in a hands-on security role, with demonstrable software engineering skills and mastery of multiple classes of security defects
  • Strong coding skills in one or more popular languages and platforms, including C/C++, C#, Java, Javascript/Typescript, SQL, assembly, Ruby, Python, and others, and the ability to pick up new platforms quickly Advanced Qualifications
  • Experience in technical disciplines outside security space, including general software development, networking, database management, big data, and full-stack development is a strong plus
54

Penetration Tester Resume Examples & Samples

  • Penetration testing: you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, and, in collaboration with other penetration testing and red teams around the company, demonstrate the value of an assume breach mentality
  • Emerging Threat and Vulnerability Research - You will be expected to perform research and analysis into emerging threats which affect cloud services through collaboration and original research, including proactive security research on the technologies that Azure and our customers utilize and depend on
  • A very high level of creativity and thirst for knowledge are a must
  • Security Assessments - Parlaying research and knowledge into threat models and security assessments of Azure services, platforms and infrastructure. You have a goal to prioritize areas of security risk while identifying and addressing risks that affect Azure’s ability to protect, detect, investigate, and recovery from security vulnerabilities and targeted attacks
  • To thrive in this position, you will need a deep technical understanding of a broad technology set and the ability to learn new information at a rapid pace. Previous experience in security consulting, penetration testing, and general hacking are important, but a desire to take on big challenges and help improve the overall service engineering process is more important
  • 2-4 years’ experience in a hands-on software engineering role
  • Strong coding skills in one or more popular languages and platforms, including C/C++, C#, Java, Javascript/Typescript, SQL, assembly, Ruby, Python, and others, and the ability to pick up new platforms quickly
  • Deep knowledge of services, security and a strong engineering and development skillset
  • Understanding of security vulnerabilities and attacks and ability to apply them or find new ones based on new technology being developed
  • Expert-level knowledge in one or more classes of vulnerabilities, including cross-site scripting, buffer overflows, SQL injection, TOCTOU vulnerabilities, cryptographic weaknesses, insecure direct object references, and others
55

Penetration Tester Resume Examples & Samples

  • 3+ years of experience with performing penetration testing, including conducting network and Web-based application penetration tests, physical security assessments, logical security audits, and hands-on technical security evaluations and implementations
  • 3+ years of experience with vulnerability scanning tools, including BackTrack, nMap, Metasploit, tcpdump, Nikto, Nessus, McAfee Vulnerability Manager (MVM), HP WebInspect, QualysGuard, Redseal, AppDetective, BurpSuite, and Wireshark
  • 3+ years of experience with Linux, Windows, and network switching and routing
  • Public Trust clearance required
56

Security Penetration Tester Resume Examples & Samples

  • Performing Penetration Tests of various attack surfaces such as network, software applications, human (social engineering, trusted insider) and working with business owners to identify remediation strategies for identified issues
  • Reviewing and evaluating IT operations, physical security, hardware configurations, IT systems and operating procedures in use throughout the Humana for compliance with established controls, policies, standards and procedures
  • Identifying technology and control risks within each area
  • Providing technical consultation on Security Tools and Technical Controls
  • Recommending improvements in procedures, processes, operations and systems across Humana
  • Other special projects as necessary
  • Broad IT, IT Security and IT audit experience, preferably in a large corporate environment
  • Comprehensive background in Penetration Testing
  • One or more of the following certifications: CISSP, CISA, CISM, CEH
  • Additional technical certifications of CEH, ECSA, LPT are preferred
57

Senior Penetration Tester Resume Examples & Samples

  • Perform application penetration testing against corporate and customer software applications
  • Conduct vulnerability assessments on Internet-facing systems and internal systems
  • Document technical issues identified during security assessments and write reports
  • Follow up on implementation of corrective actions from assessments with development
  • Research security threats and attack vectors provide transfer of knowledge to business
  • Act as business level technical expert in incident response when assigned
  • Perform special security projects on an ad hoc basis
  • Prefer 5 years relevant experience and BA/BS University degree from an accredited college or university, or equivalent
  • Deep understanding of in information security and related technical aspects
  • Prefer 5 years of experience with systems development, systems administration, or network administration
  • Certifications such as CISSP, CEH, OSCP or GPEN are desired
  • Previous hands-on experience in penetration testing and vulnerability assessment preferred
  • Experience of web application testing, infrastructure testing, manual testing, code reviews
  • The candidate should have a good knowledge of Java, C, C++ and associated J2EE technologies, especially in terms of secure coding standards and be able to perform code review on the mentioned languages
  • The candidate should have hands-on experience in at least one of the following scripting languages: Perl, shell scripts, and Python. Furthermore, candidate must be able to write security tools and scripts in at least one of the mentioned languages
  • The candidate should be familiar with
  • Static code analysis
  • Web service vulnerability scanning
  • Mobile security
  • Install security
  • Schema security tests
58

Information Security Penetration Tester Resume Examples & Samples

  • Penetration Testing (main focus on Infrastructure)
  • Application Vulnerability Assessment
  • Wireless Vulnerability Assessment
  • Security Audit and Assessment
  • Support of Red Team / Blue Team functions
59

Penetration Tester Resume Examples & Samples

  • Excited to work with engineers on security features and risk mitigations
  • Passionate about keeping Apple’s customers safe
  • Curious enough to hunt for vulns through large, complex code bases
  • Obsessed with breaking software
  • Able to articulate technical details and risks to lay people
  • 5 years of relevant security experience
  • Deep linux expertise
  • Experience testing low level C components
60

Penetration Tester, Senior Remote Resume Examples & Samples

  • 8+ years of experience in a Cyber security related field
  • 4+ years of experience with executing Web application, network, and system penetration tests for clients
  • Experience with leveraging open-source penetration testing tools, including Metasploit and the Kali Linux tool set
  • Ability to assist remediation efforts for discovered vulnerabilities
  • Ability to be competent with scripting in Python or Ruby
  • Ability to mentor junior and mid-level staff by teaching the latest penetration testing techniques
  • Ability to lead organized security testing engagements with little assistance while demonstrating strong team work skills
  • Experience with Web application development, system administration, and the software or system development life cycle
  • Experience with red-teaming or covert computer network exploitation
  • Knowledge of secure coding best practices
  • Ability to craft custom exploits for proof-of-concept code
61

Penetration Tester Resume Examples & Samples

  • Experience in security with practice in penetration testing and vulnerability assessment
  • Knowledge of the UNIX or Linux operating systems, TCP/IP protocol stack, and networking tools
  • Knowledge of security tools and products, including Fortify, AppScan, Nessus, Nmap, or Netcat
  • Knowledge of penetration attack strategies for Web services, databases, and e-mail, forensics tools, and cryptography principles
  • Knowledge of Enterprise-level solution storage and databases, including relational databases, database management systems, enterprise storage systems, or security concerns for these systems
  • Ability to parse and decode various application level protocols, including XML, HTTP, and MPEG
  • DoD 8570 IAT Level II Certification, including CCNA-Security, GSEC, or CompTIA Security+
  • CompTIA's Network+, Linux+, or CASP Certification
  • GPEN: GIAC Certified Penetration Tester Certification
  • OSCP: Offensive Security Certified Professional Certification
62

Penetration Tester Resume Examples & Samples

  • Discovery: Working with the customer to take stock of system elements, including networks, applications, and mobile assets. Gather key information including registration data, operating system, patch, and service version information, and system and application configurations
  • Vulnerability Identification: Based on what we learn during the discovery phase, you will then take steps to challenge them. Using a variety of applicable tools, including in-house and commercially available programs, you will create a real-world scenario where you attempt to compromise system, application, and mobile security, gain unauthorized access to resources, or disrupt and exploit system services
  • Exploitation: As a security expert, you will exploit vulnerabilities detected during the identification stage, to determine the level of impact to the enterprise, had someone with malicious intent attempted the same action
  • Provide consulting services in the discipline of vulnerability management
  • Responsible for delivery and post-delivery support
  • Provide delivery of specific vulnerability management and penetration testing services including
  • 5+ years of experience delivering penetration testing consulting engagements
  • Red Team or Ethical Hacking experience
  • Must have the ability to travel ~50%
  • Experience delivering vulnerability management assessments and consulting
  • Must have outstanding written and verbal communication and formal presentation skills
  • Ability to work with clients effectively
  • Ability to identify further opportunities
  • Ability to continually refine the vulnerability offerings and deliverables
  • Experience with mobile application penetration testing highly desired
  • Certifications such as CEH, OSCP, CISSP
63

Penetration Tester Resume Examples & Samples

  • Contribute both on an individual assessment basis as well as a global strategic basis to raise the security posture across the organisation
  • Identify application security vulnerabilities in a range of technologies including web and mobile through a combination of security assessment techniques: manual penetration testing, code-review, SAST, DAST, IAST etc
  • Work collaboratively with development teams to proactively build security within their software delivery pipeline
  • Develop security standards and guidelines for applications and systems developed at Barclays
  • Disseminate specialist application security knowledge to both the security and development communities
  • Innovate towards the goal of establishing novel security services and the enhancement of existing services
  • Produce and develop training material for the internal community to disseminate specialist expertise
  • Strong web application testing/penetration testing/code-review experience
  • Thorough knowledge of application security assessment techniques and their relative merits, including: SAST, DAST, IAST and manual assessment
  • Understanding of Application security issues, coding standards, and an ability to articulate them to developers and project managers
  • Understanding of the security mechanisms associated with Applications, operating systems, networks and databases
  • Awareness of emerging Application Security technologies
  • Knowledge of programming languages such as: Java(J2EE/Android), C#.NET, C/++/JNI, Objective C
  • Experience working with web and mobile development projects as a developer or security subject matter expert
  • Wider SDL activities such as threat modelling and design review
  • Familiarity with web application multi-tier architectures and operation
  • Working knowledge of cryptographic concepts and familiarity with best practice application within a development environment
  • Physical security knowledge and experience is considered benefitial but not required
64

Penetration Tester Resume Examples & Samples

  • Contribute both on an individual application basis as well as a global strategic basis to raise the application security posture across the organisation
  • Develop security standards and guidelines for applications developed at Barclays
  • Innovate towards the goal of establishing novel application security services and the enhancement of existing services
  • Produce and develop training material for the internal community to disseminate specialise expertise
  • Conduct periodic webinar sessions with the internal community to educate on the subject of general security
  • Understanding of Application security issues, coding standards, strong communication skills and ability to articulate them to developers and project managers
  • Knowledge of multiple programming languages: Java(J2EE/Android), C#.NET, C/++/JNI, Objective C
65

Senior Penetration Tester Resume Examples & Samples

  • Undergraduate degree or equivalent. 4+ years of applied technical experience
  • Certification(s) in penetration testing or ethical hacking such as GPEN, CWAPT, OSCP or equivalent experience employed specifically in this capacity
  • Experience & awareness of a broad set of industry security specifications, standards & regulations such as (but not exhaustive): PCI, SOX, ISO-27001/2, PIPEDA, Canadian financial regulation
  • CISSP or equivalent general security certification
  • General network technical certifications (e.g. CCNA, CCNP) desirable
  • Works with minimal supervision, while monitoring and executing a number of time critical actions
  • Demonstrable experience in PEN tools such as metasploit (and prepared to discuss relative merits of various tools)
  • Proven ability to analyze and solve a wide range of technical problems
  • Detailed operational knowledge of systems relevant to field of work in terms of functionality and capability and/or detailed knowledge of services provided within the related field
  • Broad technical knowledge suitable to an information security professional: TCP/IP, Unix, Windows, firewall, IPS, database, web application, DDoS, malware, log analysis
  • Project and/or people management skills gained through previous experience, where appropriate
  • Moderate coding ability suitable to writing shell scripts (BASH, PowerShell, etc.) or SQL queries to simplify unexpected administrative or technical tasks
  • Resolves problems independently and/or through a support team
  • Strong & clear written, verbal & presentation skills including
66

Attack & Penetration Tester Resume Examples & Samples

  • Open Source Intelligence Gathering
  • External Network Vulnerability Assessments and Penetration Testing
  • Internal Network Vulnerability Assessments and Penetration Testing
  • Wireless LAN Vulnerability Assessments
  • Social Engineering Vulnerability Assessments
  • 7+ years’ experience in security and software engineering are a must
  • BS in Computer Science, or equivalent Security and Development experience
  • Demonstrated strong Development skills, with experience in C#, C++, ASP.NET (or other web frameworks and languages), and PowerShell
  • Proven working knowledge of information security, penetration testing techniques and security code review
  • Tested deep knowledge of services, security and a strong engineering and development skillset
  • A passion and drive for turning threat intelligence into threat emulation is a must
  • A Demonstrated deep and broad understanding of security vulnerabilities and attacks (Hardware, Firmware, Software, Network, and People) and ability to apply them or find new ones based on new technology being developed
67

Vulnerability Assessment & Penetration Tester Resume Examples & Samples

  • 1+ years of experience with Backtrack or Kali Linux
  • Knowledge of common vulnerabilities and related attack vectors, including OWASP Top 10 and CWE and SANS Top 25
  • Ability to brief technical and non-technical audiences on security threats, vulnerabilities, and risks
68

Penetration Tester Resume Examples & Samples

  • Defining, scoping testing and reporting for clients
  • Build strong working relationships with clients, explaining risks and report outcomes
  • Identify vulnerabilities and providing recommendations to mitigate future risks/and or counteractive measures
  • CREST qualified
  • Minimum of 12 months experience in a pure penetration testing role, ideally within web, applications or infrastructure
  • Current valid SC is essential
  • Experience in using a variety of network and exploiting tools
69

Penetration Tester Resume Examples & Samples

  • Experience with Penetration Testing, Mobile or Web based applications
  • Infrastructure experience, tied to the foundations of network and the correlation to servers and networks
  • 10+ years of experience in security applications and systems
  • *If you are interested in long term contract opportunities please review the brief job description below and apply by sending an updated copy of your resume andthree professional references to the email below. This consultant may be required to go full time.***
70

Penetration Tester Resume Examples & Samples

  • Demonstrated on-the-job experience with penetration testing, systems exploitation and cyber security engineering to include offensive methods and capabilities
  • At least 3 years of demonstrated on-the-job experiencing performing network security analysis
  • Six plus years of demonstrated on-the-job experience in incident response and cybersecurity, with specific knowledge pertaining to digital forensics, malware analysis, and penetration testing
  • Demonstrated on-the-job experience with various attacks used to compromise networks and hosts, as well as ways to determine the occurrence of an attack
  • Demonstrated on-the-job experience performing digital forensic analysis using EnCase, as well as using various Linux distributions for purposes of imaging and analyzing digital media
  • Demonstrated on-the-job experience performing static and dynamic binary analysis to determine if captured binaries were malicious and if signatures can be derived from the binary for future detection
  • Demonstrated on-the-job experience with methods used to perform reconnaissance against a host to look for running services, open ports, and known vulnerabilities
  • Demonstrated on-the-job metasploit experience includes exploiting discovered vulnerabilities to establish a reverse shell and persistence
71

Cyber Operator / Penetration Tester Resume Examples & Samples

  • Experience exploiting vulnerabilities in computer systems, networks, and applications
  • Experience writing scripts and exploit code
  • Experience discovering new vulnerabilities in hardware, software, and operating systems
  • Extensive technical computer/network knowledge and understanding of computer hardware, software, networks, communications, and connectivity
  • Proficiency in both Linux/Unix and Windows operating systems
  • Experience using scan/attack/assess tools and techniques, including proficiency in at least one of the following frameworks: Metasploit, Core Impact, Immunity Canvas
  • Experience conducting full-scope assessments and penetration tests including: social engineering, server and client-side attacks, protocol subversion, physical access restrictions, web application exploitation
  • Experience configuring, running, validating, and contextualizing the findings of vulnerability discovery tools such as Nessus, SAINT, NeXpose, Retina, Nipper
  • Proficiency in common programming languages such as C, C++, C#, Python, Ruby, Perl, Bourne/Bash, Powershell, Visual Basic, VBScript, PHP, Javascript, HTML
  • Demonstrated experience in technical report writing
  • Bachelors degree and 5 years of relevant experience; 3 years of relevant experience with a Masters degree
  • Technical certifications that support pen testing such as OSCP/OSCE, GPEN/GXPN
  • In depth understanding of layer 2-7 communication protocols, common encoding and encryption schemes and algorithms
  • Previous experience countering Advanced Persistent Threat (APT) type threats to large enterprises (USG or commercial), such that there is familiarity with techniques and tools employed
  • Previous software development to support penetration testing including vuln dev, tool modules, covert tunneling, scanning scripts, passive collection, etc
  • Prior experience with NGC network architecture, IT Solutions, and Information Security
  • Understanding of and experience either executing or defending against complex, targeted cyber threats to high-value systems and data
  • Familiarity with NIST Risk Management Framework
  • Familiarity with OSSTMM 3, NIST SP800-15, Penetration Testing Framework
  • Current TS/SCI w/ Poly Clearance
72

Penetration Tester Resume Examples & Samples

  • Proven expertise at advanced levels in five of the following, to include ability to combine components into a functioning multi-layer network of heterogeneous devices and applications and ability to inspect and replicate a system of such components
  • Microsoft Windows Operating System versions
  • UNIX (Solaris, HP-UX, etc.,) Operating System versions
  • Linux variant Operating System versions
  • BSD variant Operating System versions
  • C/C++ Language software development
  • Java Language software development
  • Scripting language software development
  • Database Administration and application development with Oracle, SQL Server, and/or MySQL
  • Wireless (WiFi/WiMax/Bluetooth) technology (hardware or core software)
  • Wired telephony technology (hardware or core software)
  • Mobile telephony technology (hardware or core software)
  • Ubiquitous core network device (switch/router/hub) technology (hardware or core software)
  • Advanced GIAC and/or (ISC)2 network/cyber security specialties
  • Proven ability to perform computer network vulnerability assessment and penetration testing. Understanding of risk planning and mitigation strategies. Ability to prepare and present documents and briefing materials. (Individual positions within this labor category have additional qualification and competency requirements.)
73

Senior Penetration Tester Resume Examples & Samples

  • Must have a minimum of 3 - 5 years of consulting or relevant work experience
  • Proven abilities in leading and directing teams
  • Define, maintain and execute on an account plan that is in line with our company strategy
  • Ability to effectively manage time, prioritize work, and multi-task across several project assignments
  • Ability to manage, control and report on project budget. Implement corrective action as needed to control budget
  • Ability to interact and communicate professionally with all levels of staff and management as required to coordinate project deliverables, deliver status reports, and facilitate meetings
  • Exceptional problem solving skills
  • Subject Matter Expert within the industry
  • Bachelors degree from a four-year college/university or equivalent work experience required
  • Specific industry experience relative to this role is highly desired
  • Demonstrable penetration testing skills
  • Application development background with languages such as: C, C++, C#, JAVA, J2EE, AngularJS preferred
  • Vulnerability and Risk Management experience
74

Principal, Application Penetration Tester Resume Examples & Samples

  • Build out a comprehensive testing framework which combines internal and external testing vulnerability sources, security tools and vendor capabilities
  • Collaborate with software development, system engineering and architect peers to continually improve system design, implementation and operations
  • Perform manual validation of vulnerabilities
  • Thoroughly document exploit chain/proof of concept scenarios for internal client consumption
  • A degree or certificate in management information systems, security, mathematics, computer science or related field or 2-3 years of relevant information security experience
  • Working with technical security controls
  • Programming experience in Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages
  • Experience with vulnerability and penetration testing techniques and tools
  • Desire to obtain one or more security-related certifications such as Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), GIAC Certified Incident Handler (GCEH), Offensive Security Certified Expert (OSCE), and Offensive Security Certified Professional (OSCP)
  • Microsoft technologies
  • Mobile application programming and/or security testing
  • Network implementation (operational and security)
  • Security testing tools including Metasploit, Nmap, Nessus, Burp Suite
75

Penetration Tester Resume Examples & Samples

  • 2+ years of experience with Cybersecurity
  • Knowledge of how to leverage open-source penetration testing tools, including Metasploit and the Kali Linux tool set
  • Ability to communicate effectively and professionally with clients, teammates, and senior leadership
  • Ability to operate in organized security testing engagements with little assistance while demonstrating excellent team work expertise
  • Experience executing Web application, network, and system penetration tests for customers
  • Experience with Web application development, system administration, and the software and system development life cycle
  • Ability to program and script in Python or Ruby preferred
  • CEH, Security+, or GPEN Certification
76

Cloud Security / Penetration Tester Resume Examples & Samples

  • Performs formal penetration tests on applications, networks and computer systems
  • Researches, document and discuss cybersecurity findings with management, DevOps and IT teams
  • Works on improvements for cybersecurity services, including the continuous enhancement of existing methodology and used tools/environment
  • Recognizes security deficiencies in the product(s)/component(s)/service(s) in the area of responsibility
  • Carries out security assessments (e.g. Threat Modeling) to reveal architectural security issues and assists the team to reach a secure design
  • Works on architectural concepts for hardening our components, services and infrastructure
  • Reviews code scan findings to find patterns, and work out guidelines for resolution
  • Takes immediate countermeasures to address security issues
  • Implements checks to ensure secure operations of service(s) in the area of responsibility
  • Provides feedback and verification as an DevOps fixes security issues
  • Professional experience in DAST/IAST tools and web debugging tools e.g. Burp, Zap, ….)
  • Experience with products for networking analyses and scanning (e.g. Nmap, Wireshark, ….)
  • Java, C, C++, C#, PHP, JavaScript
  • Experience with Unix and Unix shell commands
  • Vulnerability analysis and reverse engineering
  • Metasploit framework
  • Experience in client-server programming and Cloud environment
  • Knowledge in software security (authentication mechanisms, cryptography, security breaches…)
  • IT security knowledge (system and network security, firewalls, IPS, Proxies)
  • IT knowledge (Operating systems, networking, databases)
  • Strong reporting and written documentation experience
  • Strong decision-making and problem solving skills
  • Excellent collaboration and team and team building skills across different functional roles
  • Passionate about his/her work, self-motivated and results-oriented
  • Proficiency in spoken and written English
  • Relevant education and work experience
  • At least 3 years of experience in penetration testing and vulnerability assessment
77

Mobile Application Penetration Tester Resume Examples & Samples

  • Excellent communication skills in English (both written and oral); able to concisely communicate security risks to both technical and business audiences
  • Proven ability to build relationships with clients and stakeholder
  • Solid understanding of enterprise risk management concepts
  • Masters Degree in Engineering or Computer Science related fields a major plus
78

Penetration Tester Resume Examples & Samples

  • Should able to perform host, network, and web application penetration tests
  • Should Propose remediation strategies for remediating system vulnerabilities
  • Follow industry best practices and methodologies
  • Scripting skills (e.g., Perl, Ruby, Python, Shell scripting)
  • Knowledge of DoD networks and communications, Windows and UNIX, TCP/IP, networking, and Kali Linux
  • Knowledge of the functionality and capabilities of computer network defense technologies, including Router ACLs, firewalls, IDS/IPS, antivirus, and Web content filtering
79

Penetration Tester Resume Examples & Samples

  • Scope and execute penetration tests against a variety of technologies including web application, mobile and infrastructure
  • Work collaboratively with a variety of internal stakeholders (security consultants, project managers, service managers, development teams, technical SME’s) to deliver high quality penetration tests
  • Work within virtual teams of security and technical specialists to ensure quality delivery of leading security assurance services to our internal clients
  • Innovate towards the goal of establishing novel security assurance services and the enhancement of existing services
  • 5+ years of experience in Information Technology
  • 3+ years in Information Security Role
  • 3+ years performing security penetration testing
  • 3+ years technical experience in a highly regulated environment
  • Strong pentesting skills and experience in application and infrastructure domains at a minimum
  • Understanding of the security mechanisms associated with Applications, Operating Systems, Networks, Databases, Virtualisation and Cloud technologies
  • Programming / scripting skills
  • Wider SDL activities such as threat/attack modelling and design review
  • Physical security knowledge and experience is considered beneficial but not required
  • Experience creating innovative solutions and responding to information security incidents a strong plus
80

Penetration Tester Resume Examples & Samples

  • Lead and manage complex assessments independently or with different size teams
  • Work collaboratively with a variety of internal and external stakeholders (security consultants, project managers, service managers, development teams, technical SME’s) to deliver high quality penetration tests
  • Contribute and lead strategic team activities outside of normal BAU testing to raise the security posture across the organisation
  • Develop subject matter expertise for Barclays systems/products from security perspective
  • 8+ years of experience in Information Technology
  • 5+ years in Information Security Role
  • 5+ years performing security penetration testing
  • 5+ years technical experience in a highly regulated environment
  • Understanding of the security mechanisms associated with Applications, Operating Systems, Networks, Databases, Virtualisation and Cloud technolgies
  • Good understanding of security strategies and technologies
  • Strong knowledge of information security frameworks and standards
81

Penetration Tester Resume Examples & Samples

  • Curriculum development & Instructor
  • Possess the ability to articulate information that is relevant to the course
  • Must be capable of speaking to large and small audiences from all military, non-military organizations and chains of command
  • Must be familiar with classroom media and devices, including PowerPoint, digital projectors, etc
  • Assist in developing realistic training scenarios to replicate real-world operations based on past SOF operational experience
  • Ability to create multimedia and trans media content using popular social media capabilities
  • A minimum of 3 years of relevant experience in penetration testing, Exploitation & Vulnerability testing
  • Must have experience working in this field within the last six months; Candidate must demonstrate the ability to remain current in this field of expertise; experienced in web technologies/services; firm understanding of practices and methodologies such as SANS Critical Security Control, OWASP, OSSTMM, PTES, NIST
  • Experience with various commercial and/or government tools used to test vulnerability
  • Experience as an penetration testing (i.e., training/educational/presentation certifications from notable SM conferences or courses)
  • Must have Security certifications in one of the following GPEN, GXPN, GWAPT, GAWN, OSCE, OSCP, LPT, CEPT, CPT, CEH, ESCA, GSNA, and/or CISA
  • Preferred Information Security Certifications in one of the following, CISSP, CISM, NSA-IAM/IEM, CCISO, CAP, GSLC, GISF, and/or Security+CE
  • Preferred experience in legal/policy related to cyber analysis, research, investigation, and engagement
  • Preferred experience in project planning in a team environment
  • Must have a current SECRET security clearance with eligibility for Top Secret with SCI
  • Must have a valid state driver's license without any prior convictions for traffic violations in excess of $150 fine (Last 7 Years)
  • The ability to travel worldwide without limitations
82

IT Security Engineer Penetration Tester Resume Examples & Samples

  • Expertise and experience in performing security assessment of network devices (router, switch, firewall configuration), servers, workstations, Web applications and databases
  • Experience using vulnerability tools such as App Detective, Nessus, WebInspect, AppScan, Hailstorm, NetStumbler, NMAP, ISS, Fluke Analyzer, and Nipper
  • Expertise and experience in creating documentation such as Systems Security Plans, Contingency Plans, Test Plans, Findings Matrices and Network Diagrams
  • Knowledge of NIST and FIPS security controls
  • Expertise in conducting vulnerability testing on UNIX and Windows operating platforms
  • Experience and knowledge of Identity Management systems, Application Security, Web Application Security, SOA functions, PKI administration
  • Expertise and experience reviewing and understanding SSPs, network diagrams, SOPs, and SSDs; Virtualization, Remote Access and Secure Mobile Computing technologies
  • Possesses strong oral and written communications, client facing skills, and can articulate both written and verbally technical concepts to a variety of technical and non-technical audiences
  • Experience utilizing security tools including but not limited to; Nessus, AppDetective, NMAP, Burp Suite Prod, Weblnspect, AppScan, SOAP UI, HP WebProxy or other mature testing automation tools
  • Proficient with source code review and development
  • Experience with web, application and database vulnerability testing
  • Experience conducting manual penetration testing capabilities beyond running automated tools
  • Ability to develop custom scripts or tools for exploiting vulnerabilities
  • Ability to perform social engineering tests
  • Must be familiar with OWASP Top Ten and or any other Web Application testing framework or other best practices
  • Must be proficient in web programming languages, in addition to mobile and remote access capabilities
  • Proficient and capable of presenting all findings with 3rd party vendors and/or resources shall be able to proficiently articulate both written and verbally technical concepts to a variety of technical and non-technical audiences
  • Ability to keep current with new/cutting edge technologies, languages, tools and exploits
83

Penetration Tester Resume Examples & Samples

  • Conduct formal security tests on web-based applications, networks and other types of computer systems on a regular basis
  • Perform application and infrastructure penetration testing using both manual and automated testing Develop and contribute to existing ethical hacking methodologies and procedures
  • Support training and awareness of information security policies and procedures
  • Perform dynamic and static code analysis
  • Collaborate with other teams to develop and maintain security testing toolsets
  • Communicate technical vulnerabilities and remediation steps to developers and management
  • Support the development of secure SDLC methodologies Investigate potential vulnerabilities reported by 3rd party security researchers
  • Provide a high standard of reporting that includes KPIs (measures & measurements)
  • Communicate potential risk and risk treatment options to business owners
  • Drive solutions that are consistent with scope
  • Ability to effectively facilitate meetings with project team members, various business groups and senior leadership
  • Ability to present persuasively and effectively to executives
  • Ability to manage, control and report on project budget
  • Implement corrective action as needed to control budget
  • Ability to interact and communicate professionally with all levels of staff and management as required to coordinate project deliverables, deliver status reports, and facilitate meetings. Excellent verbal and written communication skills
  • Application development background with languages such as C, C++, C#, JAVA, J2EE, AngularJS preferred Vulnerability and Risk Management experience
  • Compliance and security framework experience, e.g., PCI, SOX, NIST, ISO
  • Experience with automated tools, e.g., Appscan, Fortify, Appscan Source, Burp Suite, Qualys, Nessus, Kali Linux
  • Available to work after normal business hours
  • Ability to follow established policies and procedures
84

Cbest Penetration Tester Resume Examples & Samples

  • Part of a Cyber Threat Management testing team, working independently and collectively on projects, liaising with other testers, clients and others where necessary
  • Apply testing methodologies to find vulnerabilities in a range of systems, including web applications, network infrastructure and mobile applications
  • Write reports and technical documentation to a client-presentable standard
  • Developing skills and knowledge in new areas of technical information security, and progress towards industry qualifications such as CREST
  • Help improve the methodologies, tools and processes used by EY every day
  • Manage client engagements and internal projects including the monitoring and management of client engagement budgets
  • Work effectively as a team member sharing responsibility, providing support, maintaining communication, and updating senior team members on progress
  • Develop and maintain productive working relationships with client personnel
  • Build strong internal relationships within Advisory and across other services
  • Identify and escalate potential business opportunities for EY
  • Manage, coach and support associate team members on your assignments
  • Maintain technical certifications and contribute to industry bodies as appropriate
  • Vulnerability research, penetration testing, or related fields
  • Experience within the Financial Services industry and a good understanding of technology landscape
  • Appropriate qualifications or equivalency i.e. CSAM, CSAS or OSCP and CRT equivalency
  • Technical knowledge and experience in all or some of the following
85

Penetration Tester Resume Examples & Samples

  • Operating System Experience: Windows, Linux, UNIX, REMnux, GNU Linux, Kali-Linux
  • Tools: OllyDB (OllyDbg, OllyDump, Olly Advanced), IDA Pro, LordPE,
  • Scripting: Powershell, VBA, Javascript, Perl
86

Penetration Tester Resume Examples & Samples

  • Expert level knowledge in penetration testing methodology
  • Excellent problem solving, decision-making, and investigative skills
  • Experienced in establishing and maintaining effective working relationships with employees and clients
  • Proficiency in time management, project management, presentation, and organizational skills
  • Working knowledge of security and network technologies, ability to interpret vulnerabilities, exploit and pivot through application and network environments
  • Previous auditing/consulting and/or penetration testing experience
  • Familiarity with multi-platform environments and their operational/security considerations
  • Excel as both a self-directed individual and member of a larger team
87

Security Penetration Tester With English Resume Examples & Samples

  • Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our global clients
  • Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
  • Vulnerability and threat management experience
  • Good understanding of the components of a secure DLC/SDLC
  • Understanding of cryptography principles and PKI
88

Junior Security Penetration Tester With English Resume Examples & Samples

  • Review and define requirements for information security solutions
  • Bachelor degree or higher, technical discipline preferred
  • Interest in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)
  • Good knowledge of security principles, techniques and technologies
  • Strong analytical skills and efficient problem solving
  • Good English communication skills (written and oral)
  • Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE
  • Experience with various security tools and products (Fortify, AppScan, etc…)
  • Vulnerability analysis and application reversing skills
89

Cyber Penetration Tester Resume Examples & Samples

  • Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Provides technical support in the development, testing and operation of firewalls, intrusion detection systems, enterprise anti-virus and software deployment tools
  • Conducts complex security architecture analysis to evaluate and mitigate issues. Develops policies and procedures for securing the system infrastructure and applications
  • Develops complex technical and programmatic assessments, evaluates engineering and integration initiatives and provides complex technical support to assess security policies, standards and guidelines. Develops, implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications
  • Performs highly complex product evaluations, recommends and implements products/services for network security. Validates and tests complex security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies
  • Identifies and oversees the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security
  • Provides complex technical oversight and enforcement of security directives, orders, standards, plans and procedures at server sites. Develops manuals and ensures system support personnel receive/maintain security awareness and training
  • Assesses the impact on the business unit/customer caused by theft, destruction, alteration or denial of access to information and reports to senior management
  • Bachelor's degree in computer science or related field preferred
  • Nine or more years of experience in network, host, data and/or application security in multiple operating system environments
  • Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
  • Experience working with internet, web, application and network security techniques
  • Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
  • Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
  • Experience working with federal regulations related to information security (FISMA, Computer security Act, etc.)
  • Experience working with NIST Special Publications and C & A process methodology
  • Possess security certifications (CISSP, CCNA, etc)
  • Active TS/SCI w/ Poly Security Clearance
  • Strong analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
  • Ability to perform and interpret vulnerability assessments
  • Ability to administer the operations of a security infrastructure
  • Ability to balance and prioritize work
90

Security Penetration Tester Resume Examples & Samples

  • Passion for identifying security weaknesses across a variety computer systems
  • Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary
  • Develop processes and implement tools and techniques to perform ongoing security assessments of the environment
  • Implement tools and techniques to identify and prevent unauthorized IT asset deployments
  • Keep current on industry security testing best practices and industry security risks
  • 2-3 years hands-on experience in either: security assurance, penetration testing, or vulnerability management
  • Programming experience in Java, C++, Perl or Python
  • Experience with white-box or gray-box testing
  • Experience with application security source code reviews
  • Advanced knowledge of operating system and database security (Windows, Unix, Linux, SQL, and Oracle etc.)
  • Demonstrated sound written and verbal communication skills
  • Work independently and manage workload with organization to meet expectations and objectives
  • Absorb, retain and organize information gathered from multiple sources and in a variety of formats
  • High level of integrity in dealing with confidential and sensitive information
  • Master’s degree in a relevant field
  • Experience developing exploits
  • Obtained certifications in one or more of the following preferred: CISSP, GIAC, CEH
91

Senior Penetration Tester, VP Resume Examples & Samples

  • 2-5 years of experience with web and mobile penetration testing and code review using automated tools, manual testing, and custom developed scripts and process chaining
  • Core IT engineering familiarity; system and network security, authentication and security protocols, and applied cryptography
  • Strong network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, TLS routing protocols)
  • Advanced experience with application layer assessment tools, such as local proxies and fuzzers
  • Financial industry experience
  • Experience developing custom scripts or tools used for security testing
  • Practical knowledge of financial and industry regulations and frameworks (PCI, SOX, GLBA, ISO 17799, HIPAA, FFIEC, NIST)
  • Strong understanding of Secure Development Lifecycle and integrated security testing
  • Security source code review experience in C/C++, C#, Java, Swift, or Android
  • Security automation development
  • Knowledge of Single Sign On technologies such as SAML, Kerberos, and Siteminder
  • Experience with IAST tools
92

Penetration Tester, Analyst Resume Examples & Samples

  • Exceptional Penetration-Tester with proven track record of excellence in the field of web application security and penetration testing
  • Deep experience working in an enterprise wide penetration testing program
  • Subject matter expert in all facets of penetration testing and web application security
  • Subject matter expert in application security
  • Strong desire to build a best in class program
  • Exceptional ability to execute and drive change
  • Absolute self-starter who will take the lead and initiative to find and solution problems
  • Flawless communication skills
  • Strategic, creative, and innovative mind
  • Knowledge of GLBA, PCI, and SOX requirements
  • Zero tolerance for operational and design oriented security gaps
  • Experience in creating trending, metrics, and management reports
  • Strong network and web-related protocol knowledge
  • Able to clearly communicate security risks to both technical\developers and business audiences
  • Experience with static and dynamic security testing tools
93

Senior Penetration Tester / Web Analyst Resume Examples & Samples

  • Assist customers with meeting compliance to Department of Defense (DoD) requirements by emulating adversarial activity on public-facing services
  • Maintain in-depth technical knowledge of adversarial activity in order to replicate similar tactics, techniques, and procedures (TTPs) during assessments
  • Assess subscribers’ security posture through the use of automated tools and manual techniques to identify and verify security vulnerabilities
  • Use creative approaches to identify vulnerabilities that are commonly missed in security assessments, and automated tools
  • Trigger vulnerabilities and identify specific, meaningful risks to subscribers based on business and mission impact
  • Provide detail-oriented technical assistance with remediation and mitigation efforts, often in the form of verbal and/or written communication
  • Create comprehensive assessment reports that clearly identify root cause and remediation strategies
  • Interface with client personnel to gather information, clarify scope and investigate security controls
  • Collaborate with other team members and counterpart CND organizations to facilitate information sharing and provide direct support to the Team Lead, as necessary
94

Cyber Security Penetration Tester Resume Examples & Samples

  • Must meet DoD 8570 IAM Level 3 requirements (CISSP+) and have an active TS/SCI
  • Must possess a penetration tester certification (i.e., GPEN, GXPN, GWAPT)
  • Possess or be willing to obtain a MCTS and Linux certification within an established timeframe
  • Minimum Bachelor’s degree and 2 years’ experience
  • Associates degree with 4 years’ experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science
  • Hands on experience with penetration testing and reverse engineering
  • The Metasploit Framework, Burp Suite, or similar architecture(s)/application(s) (5 years)
  • Experience in working with and in a network systems security environment with a focus on security and information assurance (5 years)
  • Strong knowledge of Windows Internals, Windows Application Programming Interfaces (API), Portable Executable (PE) formats, Windows Registry, and security models
  • Advanced experience with Linux+, Power Shell, SED, AWK, Perl, Python, Batch, or similar
  • Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, and pass the customer’s training and certification program and remain mission ready qualified
  • Candidate should be self-motivated with minimal supervision
  • Database (e.g., OCP, Postgres, CMDBA, MSDBA, MS SQL Server, etc.), GREM and C|EH a plus
  • Experience or familiarity with military operations, protocol and the Cyber Patrol Team construct is highly desirable
95

Penetration Tester Resume Examples & Samples

  • 2+ years of experience with leading the development of technical documentation, including test plans, executive briefs, and test reports
  • 2+ years of experience with Linux or UNIX-based operating systems, including command line interfaces
  • Experience with two or more of the following Cybersecurity tools: NMap, Tenable, Nessus, OpenVAS, Metasploit, Core Impact Pro, Burp Suite, or Nikto
96

Senior Penetration Tester & Security Assessment Engineer Resume Examples & Samples

  • Perform penetration tests and vulnerability assessments on targets
  • Facilitate removal or remediation of vulnerabilities
  • Contribute to our penetration testing program and toolkit
  • Research new threats, attack vectors and risk
  • BS/MS degree, or relevant work experience
  • Infrastructure and application level penetration testing experience
  • Expert knowledge in computer and network security
  • Extensive knowledge of the OWASP Top 10 and CWE Top 25
  • Experience in exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more
  • Offensive attack hacker mindset
  • Bug bounty awards
  • Experience with the latest and greatest penetration testing tools
  • Experience in software development, Java, PHP, Perl, Python, Ruby, etc..
  • Information security certifications, GPEN, OSCP, OSCE, OSWE, CEH, CISSP
  • Ability to self motivate when given strategic goals
97

Red Team Penetration Tester, Senior Resume Examples & Samples

  • Experience with multi
  • Vector penetration testing using Core Impact preferred
  • Ability to work in a Fast-paced environment
98

Penetration Tester, Senior Resume Examples & Samples

  • Sharing. Lead enterprise and system focused network and application penetration test engagements for a wide variety of clients, including federal government and commercial clients across multiple market sectors, working with a team of 10 or more seasoned security testing professionals to enhance existing services offerings and security testing capabilities. Conduct hands
  • On technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Windows or *nix, conduct scenario
  • Based security testing or red teaming to identify gaps in detection and response capabilities of client networks, and develop comprehensive and accurate reports and presentations for both technical and executive audiences. Communicate findings and strategy to client stakeholders, including technical staff, executive leadership, and legal counsel. Apply security testing and penetration testing techniques and mindset to a wide range of projects. Act as the primary interface and lead for small penetration test teams ranging from 1 to 3 additional testers and manage the delivery of staff assignments, as needed. This position will require occasional travel to other locations throughout the US and is located in the NYC metro area
  • Experience with tools, including Nessus, WebInspect, AppDetective, Hailstorm, Metasploit, Burp Suite Pro, Aircrack
  • Ng, and Kismet
99

Penetration Tester, Senior Resume Examples & Samples

  • Assessments, network protocols, and software code for system vulnerabilities. Provide technical information system security testing in support of the appropriate security risk management processes using security assessment and technical testing efforts, including In-depth network and application vulnerability testing for automated and manual testing and demonstrable false positive validation. Develop documentation in support of testing efforts, including test plans, preliminary findings reports, security assessment reports, and other, similar test artifacts, as required by the government. Work with commercial and government open source vulnerability assessment tools and techniques used for evaluating operating systems, databases, and Web applications. This position is located in Rome, NY
  • DoD 8570 IAT Level II Certification, including CCNA
  • Security, GSEC, or CompTIA Security+
  • Experience with problem solving through using out
  • Box approaches
  • Knowledge of penetration attack strategies for Web services, databases, and e
  • Mail, Forensics tools, and Cryptography principles
100

Penetration Tester Resume Examples & Samples

  • Minimum of 2 years performing penetration testing in a commercial/business/federal setting. Must have OSCP
  • Possess good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations
  • Knowledgeable in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events
  • Familiar with scripting languages, Python, BASH, Powershell
  • Preferred to have OSCE. Familiarity with the following protocols: ARP, DHCP, DNS, DSN, FTP, HTTP, IMAP, ICMP, IDRP, IP, IRC, NFS, POP3, PAR, RLOGIN, SMB, SMTP, SSL, SSH, TCP, TELNET, UDP. Strong knowledge of Windows® Internals, Windows® Application Programming Interfaces (API), Portable Executable (PE) formats, Windows® Registry, and security models
  • Minimum 2 years Pen Testing in commercial/business/federal setting. Write programs on the fly in Python, BASH, Powershell
101

Penetration Tester, Mid Resume Examples & Samples

  • Readable vulnerability assessment data, screenshots of exploitation, and other artifacts from the test event. Contribute to daily reports during testing events and exploitation walkthroughs for post
  • Test reporting. Provide lessons
  • Learned and recommendations to the team lead for inclusion in SOPs and process documents. This position is located in Norfolk, VA
102

Penetration Tester Resume Examples & Samples

  • 4+ years of experience with performing penetration testing and risk assessments against computer networks
  • 2+ years of experience with Perl and Python scripting
  • Experience with Backtrack or Kali Linux
  • Knowledge of common penetration testing tools, including Nmap, Netcat, Nessus, Metasploit, and Core Impact
  • DoD approved 8570 Baseline Certification and Penetration Tester (GPEN) Certification
  • Certified Ethical Hacker (CEH) or Global Information Assurance Certification
103

Penetration Tester Resume Examples & Samples

  • Provides security design, consultation, and technology governance oversight for various projects and initiatives
  • Provides assistance to system users relative to information systems security matters
  • Acts as information liaison to various business units and information technology departments
  • Acts as a resource for direction, training and guidance for less experienced staff
  • Conduct information security vulnerability assessment and network penetration testing projects
  • Conduct web application vulnerability assessment and penetration testing projects
  • Contribute to the ongoing enhancement of the bank’s vulnerability assessment and management capabilities through the development and implementation of improved methodology, processes, infrastructure, and tools
  • Create detailed risk assessment reports which explain identified security weaknesses, describe potential business risks, present prioritized recommendations, and estimate effort levels for remediation
  • Document technical and logical security findings identified during the security assessments, and report them in a timely manner
  • Provide consultative support with implementation of remediation steps, standards, and best practices
  • Collaborate and share knowledge with team members via formal and informal methods on a regular basis
  • Excellent oral and written communication skills
  • Project management skills, must be able to manage concurrent projects through standard delivery phases of information gathering, assessment, and reporting
  • Strong technical skills related to information security, network security, Windows security, UNIX/Linux security, and web application security
  • Advanced knowledge and experience with information security assessment and network penetration methodologies, tools, and techniques
  • Advanced knowledge of web application vulnerabilities, such as those included in the Open Web Application Security Project (OWASP) Top 10 List
  • Familiarity and experience with automated tools used to find web application vulnerabilities and their distinguishing features
  • Certified Ethical Hacker, GWAPT, GPEN or OSCP certification
  • Experience with penetration testing tools
104

App Sec Penetration Tester Resume Examples & Samples

  • Identifying and containing advanced cyber security threats targeting the Teradata suite of products
  • Conducting network exploitation operations, to include Cyber Red Team operations
  • Perform in-depth technical analysis of computer networks culminating in the identification of existing and potential vulnerabilities that if exploited would allow unauthorized access to Teradata products
  • Contribute to and support effort to build intellectual property via patents
  • Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements
  • Perform security risk assessments, threat models, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers
  • Evaluation of new technologies, tools, and/or development techniques that impact security
  • Assist in the software security certification process for the organization
  • Perform security risk analysis for products and portfolio and provide engineering designs for new software solutions to help mitigate security vulnerabilities
  • Contribute to all levels of the architecture, and maintain security documentation
  • Provide security guidelines for the organization to protect critical assets and data
  • Knowledge of networking fundamentals (all OSI layers)
  • Knowledge of software exploitation (web, client-server and mobile) on modern operation systems. Familiarization with XSS, SSJS, filter bypassing, etc
  • Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
  • Bachelor's Degree in Engineering, Business Management, or Technology related fields a major plus
  • Knowledge of conducting physical security penetration testing is small independent teams
  • Knowledge of malware packing and obfuscation techniques
  • The ideal candidate has experience working with automation script languages such as Puppet, Chef, Cloud Formation, etc
  • Ability to program in C, C++, C#, Objective C, Python, Java, PHP and/or ASM (x86)
  • The ideal candidate has experience with cloud and virtualized technology in environments such as AWS, Azure and VMware
  • Detailed knowledge of current international best practices in privacy
  • Candidates must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 to any audience, and discuss effective defensive techniques
  • Candidates must have experience managing $1M+ budgets and planning multi‐year roadmaps
  • Previous experience with HIPAA, PCI, NIAP, and other compliance frameworks. CSSLP Certification preferred
105

Security Consultant Penetration Tester Resume Examples & Samples

  • Have working and practical knowledge in either Ruby, Python, C/C++, or Assembly
  • Think outside-the-box and very detailed focused
  • Have contrarian thinking with attention to detail and demonstrate careful organized methodologies
  • Analyze target systems, while continually thinking about how to overcome their defenses
  • Approach problems in a different way than “normal” Network Admins, Systems Admins and DBAs
106

Penetration Tester Resume Examples & Samples

  • Perform full cycle engagements of penetration testing on business units independently, or as part of a team
  • Perform manual penetration testing of client systems, web sites and networks to discover vulnerabilities
  • Thoroughly document exploit chain/proof of concept scenarios for client consumption
  • Communication skillset to influence SVPs, VPs, Directors, and Domain Managers to prioritize and execute remediation plans
  • Ability to develop innovative tools, solutions, processes which scale across a >100,000 resource global organization
  • Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
  • Research, document and discuss security findings with management and IT teams
  • Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
  • Provide feedback and verification as an organization fixes security issues
  • Responsible for developing and executing formal web application security test plans to ensure the delivery of quality software applications
  • Involved in test planning, preparation and communication with client prior to security test execution
  • Performs web application attack & penetration testing to find security issues such as risks, defects and logical errors
  • Collects and analyzes security data from manual, automatic and static source review, and integrates them to find best way to address security issue to meet the needs of the business
  • Documents all issues and assists in their resolution
  • Delivers security training and education t technical staff within findings and acts as an internal security consultant to advise or influence business or technical partners
  • Provides quality web application security audits across the various IT functions to ensure quality standards, procedures and methodologies are being followed
107

Penetration Tester Resume Examples & Samples

  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
  • Recognize and safely utilize attacker tools, tactics, and procedures
  • Develop scripts, tools, or methodologies to enhance red teaming processes
108

Penetration Tester Resume Examples & Samples

  • Performing vulnerability assessments, penetration tests and reviewing technical security compliance
  • Performing penetration tests and writing reports including recommendations for improvements
  • Carry out fine-tuned configuration and customization of cyber defense components to maximize their efficiency and performance
  • Monitor managed components and manage incidents and problems
  • Design, develop, install, configure, test, monitor, maintain, troubleshoot and upgrade cyber security infrastructure
  • Support various technical and non-technical stakeholders to specify and negotiate security requirements
  • Depending on your seniority, being in charge of stakeholder management and leading small (2-3) project teams in the fields mentioned above
109

Penetration Tester Resume Examples & Samples

  • 2+ years of experience with performing penetration testing and risk assessments against computer networks
  • 1+ years of experience with penetration testing tools, including Burp, Nmap, Wireshark, Nessus, and Metasploit
  • Knowledge of common vulnerabilities and related attack vectors
  • Ability to brief technical and non–technical audiences on security threats, vulnerabilities, and risks
  • DoD 8570 IAT Level III and CEH Certification
  • Possession of excellent technical writing skills to produce client ready deliverables
  • BA or BS degree in a technical field
110

Senior Penetration Tester Resume Examples & Samples

  • Identify security vulnerabilities, weaknesses and exposures and provide remediation assistance in the following technologies –
  • Conducting manual, automated and/or tool-based security reviews and assessments for our games and supporting backend services
  • Report security findings with their impact and probability
  • Support our security operations program in enhancing our monitoring and detection capabilities
  • Make recommendations to game developers, 2K IT and Online staff on improving security posture of systems
111

Security Penetration Tester Resume Examples & Samples

  • REMOTE WORK OPTION MAYBE AVAILABLE
  • Scoping of penetration tests, use cases, and timing
  • Development of ‘rules of engagement’ with partners
  • Internal and external network penetration testing
  • Application testing, including black box, code reviews, and reverse engineering
  • Software development advisory
  • In-vehicle, network and software architecture reviews and guidance
  • Develop and communicate recommendations on findings remediation
  • Continuous improvement of testing processes and methodologies
  • Coordinate and function as a subject matter expert to third-party penetration testing efforts, as needed
  • Bachelor’s Degree
  • 4+ years of professional experience in computer security, software development, or networking and systems administration
  • 2+ years experience in penetration testing
  • Working knowledge of ISO27001
  • CISSP certification
  • Deep experience in IP based networking
  • Strong encryption background
  • Threat Modeling experience
  • Advanced Web technology knowledge (i.e., HTTP, HTML, SQL)
  • Advanced knowledge of the detection, exploitation, and prevention of software vulnerabilities (i.e., SQL injection, XSS, buffer overflows)
  • Exceptional communication skills, both oral and written
  • Excellent self-tasking skills
  • Intermediate administration skills for Windows and/or Unix systems
  • For infrastructure-focused engagements: Intermediate TCP/IP networking knowledge (including networking architecture, device configuration, and operational practices)
  • For application-focused engagements: Intermediate software development knowledge (including programming languages, application architecture, and development processes
  • Broad Operating System knowledge
  • Previous Security Experience with Cellular Carriers
  • This role will span both traditional IP based infrastructure as well as in-vehicle technologies - working knowledge of vehicle-based security protocols is a big plus
112

Penetration Tester Resume Examples & Samples

  • Plan, communicate, coordinate and perform penetration tests and security assessments at application, system and enterprise level
  • Develop all Rules of Engagement, scoping documents and reports
  • Perform manual penetration tests and validation of vulnerability scan results
  • Develops automation/scripts for replicating vulnerability validation and penetration tests
  • Develop SOPs and architect all penetration testing and security assessment methodologies
  • Devises plans and scenarios for various types of penetration tests
  • Documents exploits and results in remediation and final report
  • Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities
  • Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk
  • Selects, installs, and configures security testing platforms and tools or develop tools and procedures for vulnerability assessments and penetration tests
  • Contributes to application of FISMA compliance mechanisms, including NIST SP 800 series, with the addition of sound methodologies in lieu of weakly-defined and subjective scores
  • Performs vulnerability assessments using automated tools (Metasploit, Nmap, Nessus, Burp Suite, etc.)
  • Support flexible work locations per work schedule (at RTN, and multiple customer sites)
  • Performs off-hours work as necessary
  • Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
  • Experience in penetration testing large and complex enterprise networks
  • Experience with utilizing penetration testing methodologies
  • Experience with web and mobile applications, databases, operating systems
  • Experience with regulatory compliance, policy development, and policy enforcement
  • Experience with FISMA compliance and the NIST SP 800 series
  • Experience with DISA STIGs or similar secure configuration guidelines
  • Experience in the roles identified above
  • 3+ years of penetration test experience
  • Hands-on OS configuration/administration experience
  • Programming experience with focus on penetration testing or process automation
  • Experience with cyber security development projects and programs for U.S. Government and/or commercial clients
  • Experience with FEDRAMP
  • Experience with process development and deployment
  • Kali Linux
  • Metasploit
  • Nmap
  • Burp Suite
  • Powersploit
  • Tenable SecurityCenter
  • HP Fortify
  • IBM AppScan
  • WebInspect
  • Security COTS integration
  • Security Incident Event Management
  • Operating System Hardening
  • Vulnerability Assessment testing
  • Identification and Authentication schemes
  • Public Key Infrastructure and Identity Management
  • Cross Domain Solutions
  • Reverse Engineering
  • Security engineering
113

Penetration Tester Resume Examples & Samples

  • An integral role in a team of passionate penetration testing experts, as well as senior IT consulting experts within 7Safe and the broader PA Consulting Group
  • An adaptable career development and training plan that can be fine-tuned to your personal needs
  • Deliver our technical hands-on training courses on ethical hacking and security awareness
114

Expert Application Penetration Tester Resume Examples & Samples

  • Vulnerability Assessment tools, e.g. IBM Appscan, HP WebInspect, etc
  • Exploitation frameworks, e.g. Metasploit, CANVAS, Core Impact
  • Proficient in Java Language
  • Thick client testing
  • Mobile environments (iOS / Android / Blackberry)
  • Web development and programming or scripting languages i.e. Python, Perl, Ruby, Java, and/or .Net
  • Source Code review
  • Conducting application vulnerabilities assessments and articulating security issues to technical and non-technical audience
  • Experience using open source and vendor vulnerability assessment tools
  • Being familiar with reverse engineering techniques
  • Excellent communications skills (written and verbal) with strong sense of responsibility and ability to communicate with all levels of staff and upper management are also essential
  • Education Level Required: Bachelor's Degree
  • Professional certificates or willingness to obtain them
115

Advanced Penetration Tester Resume Examples & Samples

  • Experience in Web development and programming languages i/e Java/J2EE (Servlets/JSPs, STRUTS, Spring Flow, JavaServer Faces, Hibernate, JDBC, Enterprise Java Beans)
  • Vulnerability Assessment tools, e.g. Nessus, Qualys, etc
  • Penetration testing (application and/or infrastructure)
  • Identifying, researching, validating, and exploiting various different known and unknown security vulnerabilities on server and client side
  • Social Engineering campaigns, e.g. email phishing, phone calls, SET
  • Deep understanding of OSI model
  • Security devices, e.g. Firewalls, VPN, AAA systems
  • OS Security, e.g. Unix, Linux, Windows, Cisco, etc
  • Understanding of common protocols, e.g. LDAP, SMTP, DNS, Routing Protocols
  • Web application infrastructure, e.g. Application Servers, Web Servers, Databases
  • Web development and programming languages i.e. Python, Perl, Ruby, Java, and/or .Net
  • Reporting information security vulnerabilities to businesses
  • Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures
  • Background in a similar role
  • Understanding enterprise networks
  • Proficient with Microsoft Office products including Word and Excel, Power Point
  • Good communications skills (written and verbal) with strong sense of responsibility and ability to communicate with all levels of staff and management are also essential
  • Great presentation skills are a must, as identified vulnerabilities need to be presented to seniors and vendors
116

Senior Penetration Tester Resume Examples & Samples

  • Solving interesting security challenges
  • Security testing, guidance and advisory
  • Bringing great ideas to the table
  • Helping others develop their great ideas
  • Coaching and mentoring other members of the team
  • Focus on customer experience and service
  • Being part of something exciting
  • Familiarity with any of the following technologies: ZigBee, Bluetooth, RF, Near Field Communication, or other wireless technologies
  • Exploit development and reversing
  • Research
  • Conference speaking
  • Prior experience with routing, switching, and/or Microsoft Active Directory administration
  • Background in multi-platform system administration, network administration, or network architecture
117

Senior Penetration Tester Resume Examples & Samples

  • 3 years experience performing vulnerability assessments, penetration testing, code review, and threat modeling
  • 5 years experience in security engineering (system and network security, authentication and security protocols, cryptography, and application security)
  • Solid understanding of security fundamentals
  • Scripting/programming skills
  • Network and Web protocol knowledge (TCP/IP, UDP, HTTP/S, HTTP/2, OAuth, SAML, JWT, CORS, Web Sockets, etc.)
  • Basic knowledge of Windows and Unix system administration
  • Experience with the following languages: Ruby on Rails, Python, Scala, Go, PHP, and Javascript
  • Experience with virtualization and containerization technologies such as Xen and Docker
  • Excellent communication skills and the ability to articulate business risk of vulnerabilities
  • Applicants living in, or willing to relocate to, the San Francisco Bay Area are preferred
118

Penetration Tester Resume Examples & Samples

  • 3 year’s penetration testing minimum experience required
  • Strong experience with open source penetration testing tools i.e. Kali Linux
  • Strong background in network devices (Firewalls, routers, switches, load balancers, etc.)
119

Vulnerability Assessment & Penetration Tester Resume Examples & Samples

  • Experience with programming in one or more of the following: PHP, Perl, Python, ruby, bash, C, or C++, including scripting and editing existing code
  • Experience with Web application security testing
  • Experience with one or more of the following: network vulnerability assessments, network penetration testing, red teaming, security operations, or hunt
  • Experience with using, administering, and troubleshooting Linux and Windows environments
  • Experience with security tools, including Netsparker, Burp Suite Pro, Nessus, Nmap, and Metasploit
  • Ability to clearly convey results in formal technical reports
  • BS degree in CS, Computer Engineering, or technical field
  • Offensive Security, SANS, or Cisco Certifications
120

Penetration Tester Resume Examples & Samples

  • Be a trusted member of our Advanced Security Centre team
  • Execute and help manage technical IT Security testing engagements
  • Work effectively as a self-managed team member; share responsibility, provide support, maintain communication and update senior team members on engagement progress
  • Evolve your skills to match cutting edge IT Security trends
  • Prepare client reports and presentations to an exceptional standard
  • Contribute and assist with IT security staff recruitment, retention and development activities
  • A drive to build and grow your technical IT security career to the next level
  • A methodical approach to attack and penetration testing (above running automated tools)
  • Application security testing experience (in particular ASP.NET and Java technologies)
  • Mobile application security testing/development experience
  • Infrastructure security testing experience
  • Wireless security testing experience
  • Source code analysis for security vulnerabilities experience
  • Reverse engineering or malware analysis experience
  • Threat Intelligence experience
  • Operational Technology/Industrial Control Systems experience
  • Technical security operations experience
  • Working knowledge of network protocols
  • Network security: firewalls/routers/switches/VLANs
  • Administration experience in any of the following
  • Windows Active Directory Administration
  • Linux/Unix Administration
  • Database Administration
  • Knowledge of one or more scripting/programming languages (e.g. Python, Ruby, PHP, Java .NET, C, C#, etc)
  • Systems security skills in assessment, design, architecture, management and reporting
  • You'll have a minimum of 4+ years IT Security or 2+ year’s penetration testing experience
  • A Bachelors and/or post graduate degree in computer science, information systems, engineering, or a related major is advantageous
  • Strong project management, negotiation and interpersonal skills
  • Advanced written and verbal communication skills and presentation skills
121

Senior Cybersecurity Penetration Tester Resume Examples & Samples

  • Active in InfoSec community (OWASP, Cha-Ha, 2600, Speaker…)
  • Bachelors’ Degree in Cybersecurity, Computer Science, MIS or other degrees with high level understanding of network and application security and information systems
  • Three or more years in Cybersecurity with significant experience in application security assessments in addition to a degree
  • Offensive Security Certified Professional (OSCP)
  • Working knowledge of Cybersecurity frameworks such as OWASP and NIST
  • Develop or modify exploits
  • Reverse engineering
  • Experience with various DBMS systems
  • Experience with app sec and app sec remediation’s
  • Industry level certifications such as Certified Ethical Hacker (CEH)
  • Advanced knowledge in relevant information technology field such as Active Directory, Windows/UNIX, databases (Oracle, SQL, and DB2), application development/system development life cycle, and network security, NERC CIP, PeopleSoft or Maximo
  • Combined 10+ years overall IT experience
  • Knowledge of Metasploit
  • Knowledge of Acunetix
  • Knowledge of Burpsuite
  • Knowledge of Kali
  • Knowledge of SQLmap
  • Knowledge of SoapUI
  • Knowledge of w3af
  • Knowledge of ZAP&#8217
  • Knowledge of SQL NINJA
  • Knowledge of BeEF
  • Knowledge of ettercap
  • Knowledge of Aircrack-ng
  • Knowledge of Tamper Data,
  • Knowledge of WebScarabNG
  • Knowledge of Maltego
  • Knowledge of SET
122

Chicago Technology Consulting Security & Privacy Penetration Tester Senior Consultant Resume Examples & Samples

  • Exploiting vulnerabilities and identify specific, meaningful risks to clients based on industry and business focus
  • Performing complex wireless attacks both against wireless clients and access points
  • Using social engineering techniques to obtain sensitive information, network access and physical access to client sites
  • Assessing physical security controls by lock picking, camera evasion, tailgating, dumpster diving and other evasive techniques
  • Executing opportunistic, blended and chained attack scenarios that combine multiple weaknesses to compromise client environments
  • Improving methodologies, toolsets and offerings through collaborative development work and by updating team documentation
  • Advanced verbal and written communication skills including documentation of findings and recommendations
  • Strong listening skills to discern the best course of action for our clients
123

Technology Consulting Security & Privacy Penetration Tester Senior Consultant Resume Examples & Samples

  • Assessing clients’ network security posture through the use of automated tools and manual techniques to identify and verify common security vulnerabilities
  • Using creative approaches to identify vulnerabilities that are commonly missed in security assessments
  • Creating comprehensive assessment reports that clearly identify root cause and remediation strategies
  • Communicating strengths and weaknesses to the client or internal project management team and developing effective solutions
  • Providing support in the ongoing development of security assessment offerings through tool creation and process improvement
  • Ability to quickly learn new concepts and skills
  • Excellent interpersonal skills to interact in team environment and foster client relationships
  • Experience performing Security Assessment work (vulnerability, penetration tests, web application, wireless security and social engineering) for at least the past year strongly preferred
  • Demonstrated ability to deliver projects using well-defined methodology across various security assessment disciplines including
  • ~20% travel throughout the month based upon client requests/commitments. Travel may include suburban, regional, or out of state locations
124

Philadelphia Technology Consulting Security & Privacy Penetration Tester Senior Consultant Resume Examples & Samples

  • Prior project management and supervisory skills ideal
  • Ability to work in a team environment and foster client relationships
  • Sound job administration skills
  • Above-average written and verbal communication skills, including documentation of findings and recommendations
  • Ability to handle highly confidential information in a strictly professional manner
  • Ability to maintain professional demeanor in times of high stress
  • Develop and apply proficiency with Protiviti policies and methodologies
  • Apply understanding of business processes and technical skills to successful completion of projects
  • Develop understanding of project requirements and client’s business
  • 3+ years hands on experience in one or more of the following Operating Systems: Windows Server 2012/200x, Linux and UNIX
  • 3+ years practical experience in TCP/IP Networking
  • A diverse skill base in both Information Systems and Information Security which address organizational structure and administration practices, system development and maintenance procedures, system software and hardware controls, security and access controls, computer operations, environmental protection and detection, and backup and recovery procedures
  • Knowledge of information system architecture and security controls (i.e. firewall and border router configurations, operating systems configurations, wireless architectures, databases, specialized appliances and information security policies and procedures)
  • Travel throughout the month frequently required based on client requests/commitments
125

Senior Penetration Tester Resume Examples & Samples

  • Conduct scans of Hyatt’s IT infrastructure to detect cyber security vulnerabilities, and arrange fixes with the appropriate teams for identified issues
  • Perform regular “red team” exercises, acting as a malicious attacker would to identify novel and unique vulnerabilities and ensure they are remediated
  • Select and visit specific Hyatt hotels to identify cyber security vulnerabilities on-site and produce meaningful reporting for all findings
  • Conduct vulnerability assessments of new applications and act as an advisory resource to their developers to help ensure the creation of secure code
  • Provide analytical support to the Cyber Security Operations team during investigations of attacker activity to help them understand malware behaviors and attack methods
  • Demonstrate a commitment to Hyatt core values add Hyatt values
  • At least five years of experience with vulnerability assessment or penetration testing is preferred; however any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptable
  • Familiarity with common security testing tools and tool sets such as Kali, Burp Suite, Metasploit, and Core Impact is required
  • Expertise with vulnerability scanning tools like Nessus, Nexpose, and Qualys is required
  • Understanding of attacker behaviors and skillsets is required
126

Red Team Penetration Tester Resume Examples & Samples

  • Previous Scripting/coding experience/exposure (Python, Perl, Ruby, Bash, PowerShell, .NET, HTML5, PHP etc.)
  • Basic networking knowledge – understand networking essentials, data flows, architecture, protocols, traffic, wireless, etc
  • Software/hardware (lab) skills such as configuration in windows/*nix/DB, resolve basic network connectivity issues, resolve errors, perform server related tasks such as racking, troubleshooting, HDD issues, cabling, disassembling/upgrading/imaging, etc
  • Ability to obtain & retain a DoD Top Secret/SCI and other compartmentalized clearances
  • Ability to travel (10%)
  • Effective documentation and verbal communication skills in customer-facing roles
  • Demonstrated successful ability to multi-task and perform in an interrupt-driven, non-deterministic environment while working independently and as a team
127

Senior Penetration Tester Resume Examples & Samples

  • Extensive experience with penetration testing against a wide variety of application layer platforms, including web, mobile, and thick client above and beyond running automated tools
  • Extensive experience with penetration testing against internal and external facing corporate infrastructures
  • Strong understanding of Security architecture both from a penetration testing and design point of view
  • Experience documenting technical issues identified during security assessments and building improvements in to the existing service support tools and “standard findings”
  • Experience with recommending counter-measures and remediation techniques an implementing them at a code levels
  • Act as a role model for other team members demonstrating the technical competence and professionalism
  • Provide training and mentoring to other testers on projects as well as suggesting other training requirements for individuals
  • Expert technical ability in security related architecture design and assessment (manual approach to penetration testing)
  • Strong understanding of Security concepts for both Windows and Unix related operating Systems
  • Excellent understanding of current “high impact” and “well known” application and infrastructure vulnerabilities
  • Intermediate level understanding of Mobile Application Security concepts
  • Good understanding of exploitation research and mitigation (buffer and stack overflows/protection mechanisms)
  • Strong knowledge of scripting languages (Python/Perl) and associated usage within penetration test assessments
  • Significant experience with penetration testing against a wide variety of application layer platforms, including web, mobile, and thick client above and beyond running automated tools
  • Experience with usage and deployment of infrastructure assessment tools (commercial and open source scanners)
  • A preferred candidate would have experience of Security source code review or development experience in C/C++, C#, VB.NET, ASP, PHP, Ruby or Java
  • Understanding of SDLC consultancy related to web application vulnerabilities
  • Significate experience with report QA both from a business impact perspective as well as a technical perspective
  • Knowledge and understanding of Agile SDLC and Continuous Testing / Continuous Delivery models
  • Ability to correlate test findings to any existing threat models to static and/or dynamic scan results to identify and recommend improvements to those other processes
  • Knowledge of application reverse engineering techniques and procedures
  • Ability to motivate, mentor and develop talent both technically and interpersonal skills
  • Ability to create, communicate and implement strategies
  • Ability to work both independently and perform as a leader in a team environment
  • Ability to work as part of a distributed team environment
  • Proven experience of application and infrastructure security assessment experience
128

Senior Penetration Tester Resume Examples & Samples

  • BS Degree in a computer system science discipline from an accredited college or university and 10 - 14 years of progressive, relevant experience, or an MS Degree in a computer or system science discipline and 8 - 12 years of progressive experience, or a PHD Degree in a computer or system discipline and 4 - 7 years of progressive experience
  • Fourteen (14) years overall information technology experience, in which eight (8) plus years of the overall requires recent experience performing penetration testing at the network, system and application levels
  • Well-versed in common cyber security terminology, security assessments, vulnerability and penetration test principles and methodologies
  • Experience writing Windows PowerShell and Linux bash scripts,
  • Experience with Windows and Linux-based platforms including workstations and server
  • Knowledge of top industry security best practices and procedures, including NIST SP 800-53, OWASP, and CoCS 20 Critical Controls
  • Experience using automated security testing tools including, but not limited to Nessus, Nexpose, Burp Suite, Acunetix, AppDetectivePRO, Kali Linux, Metasploit and NMap
  • Experience evaluating networks, systems and applications for vulnerabilities including examining firewall rulesets, identifying missing patches, and discovering buffer overflow attack vectors
  • Experience reviewing system configurations, and audit logs to detect backdoors, unsecure settings or potentially malicious activities
  • Experience performing successful social engineering activities to gain access to protected information
  • Experience writing Windows PowerShell and Linux bash scripts
  • Computer programming experience in C++, Java, Python, Perl or related languages preferred
  • Experience performing vulnerability assessments of operational networks including industrial control systems, SCADA HMI systems and associated protocols (MODBUS, DNP3, etc.) a plus
  • Certification preferred: CISSP, CEH, OSCP, and/or GPEN certification
  • Deep knowledge of both Windows and Linux-based platforms including workstations and server
  • Working knowledge of top industry security best practices and procedures, including NIST SP 800-53, OWASP, and CoCS 20 Critical Controls
  • Ability to clearly communicate technical concepts and project information to both technical and non-technical audiences
  • Ability to work in collaborative and team environment
  • Strong written and verbal communication skills in authoring security assessment reports and presentations
  • Excellent interpersonal skills to interact with customers, senior executives, and team members
  • Working at a computer or desk (Considerations: Sitting, Eyes, Hands)
  • May involve long periods of sitting
  • Must be able to support and work in a proactive team environment
  • Completion of required certifications required within six (6) months of hire date
129

Consulting Risk Advisory Security & Privacy Penetration Tester Resume Examples & Samples

  • Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools
  • Identify and clearly articulate (written and verbal) findings to senior management and clients
  • Supervise and provide engagement management for other staff working on assigned engagements
  • Bachelor's degree in computer science or related field from an accredited college/university
  • In-depth knowledge of TCP/IP
  • Configuration and Security experience with firewalls, switches, routers, VPNs
  • Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows
  • Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations
  • Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.)
  • One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc)
  • Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management team
130

Senior Penetration Tester Resume Examples & Samples

  • Plan and undertake security acceptance tests, execute thorough vulnerability assessments and penetration tests on IT, network infrastructure, applications (including mobile and web)
  • Develop internal industrial systems (including ICS, SCADA and PLC systems) security assessment competence and practices, execute well controlled security reviews/audits
  • Actively participate in and execute regular Red/Blue/Purple Team exercises and cyber audits
  • Prepare detailed documentation on all security issues identified, provide accurate reports to project teams and management on technology security matters
  • Work closely with different IT and networks operations, development and project teams to ensure security controls and procedures are understood and successfully implemented and actively monitored
  • Validate baseline security configurations of servers, OSs, applications and networking equipment
  • 8+ years of progressive experience in the information security industry covering vulnerability assessment, management, penetration testing and security assurance activities
  • 5+ years of focused penetration testing experience
  • Strong grasp of and hands-on experience in working with various testing methodologies, standards and tools
  • Information security industry recognized certifications from relevant certification bodies: Offensive Security, GIAC, EC-Council, ISECOM, (ISC)2, etc
  • Manual and automated vulnerability assessment and penetration testing skills
  • Thorough understanding of security principles, practices and standards and how they translate into real world technical solutions
  • Ability to communicate complex technology concepts both at high level as well as on technical level
  • Excellent English communication skills
131

Penetration Tester Resume Examples & Samples

  • Undertaking and delivery of internal and external IT Security Testing of a Client’s nominated IT targets, to include but not limited to IT Infrastructures, mobile devices, applications, web sites, VOIP and the social engineering of staff
  • Scoping testing activity and ensure that testing activity defined in these scopes are delivered to the highest standards
  • Performing job estimates where required
  • Engaging in skills transfer both internally and, when required, with clients
  • Delivering assignments securely on time within budget to client satisfaction
  • Carrying out all assignments in a professional manner to ensure accurate results and recommendations are produced against BlackBerry’s testing and reporting standards
  • Developing and maintain strong relationships with Clients
  • Explanation of the output of an assignment to both technical and non-technical clients. This can be as a formal stand up presentation, written communication/report or a verbal report
  • Project management, where required
  • Ability to balance business impact, cost and risk against technical criticality
  • To maintain the company’s internal security standards and confidentiality of client material as defined in out ISO 27001 2005 ISMS
  • Prior experience in penetration testing
  • Knowledge of some or all of the following languages
132

Penetration Tester, Mid Resume Examples & Samples

  • 2+ years of experience with security, including penetration testing and vulnerability assessments
  • Experience with vulnerability analysis or reverse engineering
  • Knowledge of UNIX or Linux operating systems, TCP/IP protocol stack, and networking tools
  • Knowledge of building and managing virtual systems, including VMware, ESXi, Xen, or Virtualbox
  • Experience with analyzing and executing test plans and procedures
  • Experience with programming in C, C++, C#, Java, ASM, PHP, Perl, Microsoft .NET, Python, or Ruby and Linux or UNIX shell scripting
  • Experience with problem solving using out-of-the-box approaches
  • Knowledge of security frameworks, including ISO 27001 and 27002, NIST, HIPPA, or SOX and the Metasploit framework
  • Knowledge of enterprise-level solution storage and databases, including relational databases, database management systems, enterprise storage systems, or security concerns for these systems
  • CompTIA Network+, Linux+, or CASP Certification
  • Certified Penetration Tester (CPT) Certification
  • Certified Expert Penetration (CEPT) Tester Certification
  • GIAC Certified Penetration (GPEN) Tester Certification
  • Offensive Security Certified Professional (OSCP) Certification
133

Penetration Tester Resume Examples & Samples

  • 3+ years of experience with programming in one or more of the following: PHP, Perl, Python, ruby, bash, C, or C++, including scripting and editing existing code
  • 3+ years of experience with Web application security testing
  • 3+ years of experience with one or more of the following: network vulnerability assessments, network penetration testing, red teaming, security operations, or hunt
  • Experience with security tools, including Burp Suite Pro, Nessus, Nmap, or Metasploit
  • BS degree in CS, Computer Engineering, or a technical field
134

Penetration Tester Resume Examples & Samples

  • 1+ years of experience with Perl, Python, or equivalent scripting languages
  • Knowledge of common vulnerabilities and attack vectors, including OWASP Top 10 and CWE or SANS Top 25
  • DoD 8570 IAT Level III Certification and CEH
  • Possession of excellent technical writing skills, including producing client-ready deliverables
135

Penetration Tester Resume Examples & Samples

  • 1 year of experience in Cybersecurity testing events, including configuration analysis, vulnerability assessments, or penetration testing in a data gathering role, such as a tester or analyst
  • 1 year of experience with using Linux or UNIX–based operating systems, including command line interfaces
  • CompTIA Security+, CISSP, GSEC, CASP, CISA, or Certified Ethical Hacker (CEH) Certification
  • OSCP, LPT, or GPEN Certification
136

Security Penetration Tester Resume Examples & Samples

  • Perform web application, mobile application and network penetration tests
  • Multi-ventures responsibilities – SEA including Lazada and Redmart
  • Perform security reviews of application designs and source code review
  • Develop security standards, policies, automation scripts
  • Work on continuous enhancement of existing methodologies
137

Junior Penetration Tester Resume Examples & Samples

  • 4 years of experience in cybersecurity operational and technical activities
  • Two years of experience in National Institute of Standards (NIST) cybersecurity standards and best practices
  • Possess or obtain within six months of starting on this contract, one industry-recognized cybersecurity certification, such as: Certified Information Systems Security Professional (CISSP), Certification Information System Auditor (CISA), GIAC Certified Incident Handler (GCIH), Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), Offensive Security Web Expert (OSWE), Certified Ethical Hacker (CEH), or similar Certification and Authorization Professional (CAP)
138

Lead Penetration Tester Resume Examples & Samples

  • Perform complex security related testing, creating test cases, performing manual and automated tests, reporting on problems encountered and documenting test results for follow-up
  • Proven ability to communicate technical issues to technical and non-technical business area representatives
  • Experience in large scale information technology implementations and operations preferred
  • Design, interpret & communicate information security policies & controls
  • Analyze operational IT processes to identify systemic risk issues
  • Bachelor’s degree in Information Systems or related field with adequate experience in the field of information security is acceptable
  • 3-5 years hands-on experience in either: security assurance, penetration testing, or vulnerability management
  • Experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols
  • Extensive ability to transform technical concepts into usable documented material for non-technical users
  • Work on multiple projects simultaneously, set priorities and meet deadlines
  • Obtained certifications in one or more of the following preferred
  • CISSP, GIAC, CEH
139

Red Team Penetration Tester Resume Examples & Samples

  • Conduct a variety of technical penetration testing engagements (external, internal, web application, cloud, social engineering, wireless, etc.) designed to identify where sensitive data can be obtained using unauthorized methods
  • Provide security remediation validation to ensure remediation steps are effective in mitigating the possible exploitation of sensitive data and persevering the integrity and confidentiality of critical information systems
  • Strong knowledge across all operating systems and typical exploits for each OS including being able to chain potential weaknesses together to form a complete exploit
  • Must be technically capable in either infrastructure environments, cloud technologies and/or DevOps concepts/tools/practices
  • Must be a self-starter, able to work under pressure and with limited supervision both individually and with other team members. Must be able to work well with others in a globally and culturally diverse environment. Must be able to successfully prioritize and manage to completion multiple complex tasks and deliverables. Must be able to speak clearly to conduct teleconferences
  • GPEN, OSCP, GWAPT, CEH, or GSEC certification is preferred
140

Penetration Tester, Mid Resume Examples & Samples

  • 1+ years of experience with Cybersecurity in an assessment or engineering role, including configuration analysis, vulnerability assessments, or penetration testing
  • 1+ years of experience with Linux or UNIX–based operating systems, including command line interfaces
  • CompTIA Security+ and Certified Ethical Hacker (CEH) Certification within 6 months of hire
  • OSCP Certification a plus
141

Cyber Security Penetration Tester Resume Examples & Samples

  • Burp suite
  • Tenable Nessus
  • Web Inspect
  • Scuba
142

Senior Penetration Tester Resume Examples & Samples

  • Undertake and deliver internal and external IT Security Testing of a Client’s nominated IT targets, to include but not limited to IT Infrastructures, mobile devices, applications, web sites, VOIP and the social engineering of staff
  • Scope testing activity and ensure that testing activity defined in these scopes are delivered to the highest standards
  • Perform job estimates where required
  • Engage in skills transfer both internally and, when required, with clients
  • Deliver assignments securely on time within budget to client satisfaction
  • Carry out all assignments in a professional manner to ensure accurate results and recommendations are produced against the business testing and reporting standards
  • Develop and maintain strong relationships with Client’s, representing the business to a professional and high standard at all times
  • Report-writing to agreed standards
  • Balance business impact, cost and risk against technical criticality
  • Responsible for adhering to existing ISO27001 / 9001 policies and procedures, including but not limited to, the reporting of any potential information security related incidents
  • Maintain the company’s internal security standards and confidentiality of client material as defined in out ISO 27001 2005 ISMS
  • Work consistently to the highest standards possible
  • Take responsibility for personal development, learning and performance levels
  • Perform other duties assigned by the Line Manager from time to time
  • Comply with Health and Safety procedures as outlined by the Companies Health and Safety Policy
143

Penetration Tester, Cyber Security Services Resume Examples & Samples

  • Perform network and application layer vulnerability assessments and penetration tests
  • Conduct wireless security assessments
  • Monitor project timelines against targets and adjust where necessary; advise clients of project status and issues within a timely manner
  • Attend internal MNP courses to further develop knowledge around performance improvement
144

Penetration Tester Resume Examples & Samples

  • 3+ years of experience with software testing, including full time hands on Web application penetration testing in a variety of diverse environments
  • Experience with information security operations or equivalent IT operational functions
  • AA or AS degree
  • CompTIA Net+, CompTIA A+, CompTIA Security+ or CPTC – Certified Penetration Testing Consultant, or ECSA – EC-Council Certified Security Analyst GSEC Certification
145

Penetration Tester, Cyber Security Services Resume Examples & Samples

  • Assist in scoping and developing Statements of Work based on client requirements
  • Ability to perform network and application layer vulnerability assessments and penetration tests
  • Capability to present assessment results to technical and non-technical audiences
146

Penetration Tester, Senior Resume Examples & Samples

  • 5+ years of experience with technical Cybersecurity
  • Experience with Bash scripting, basic Perl, Java, or Python, and malware analysis tools
  • Knowledge of military avionics systems, including control bus, such as MIL–STD–1553 and messaging protocols, such as ARINC 429, real–time operating systems, such as Green Hills Integrity and Lynx OS, and air platform communication physical or networking interfaces
  • Ability to achieve a passing grade on a client qualification exam within 3 months of hire
  • Experience with multi–vector penetration testing using Core Impact preferred
  • Ability to work in a fast–paced environment
  • 8570 IAT Level II Certification preferred
147

Penetration Tester Resume Examples & Samples

  • 3+ years of experience with software testing, including full time hands on Web application penetration testing in a variety of diverse environments
  • Experience with information security operations or equivalent IT operational functions
  • Identify and demonstrate vulnerabilities that may be used by an adversary to exploit components of the target systems
  • Plan and execute Information Assurance evaluation tests and document test results in a formal document
  • Identify and demonstrate vulnerabilities that may be used by an adversary to exploit the entire target system
  • Lead the Information Assurance evaluation of target systems, including developing threat models, conducting security analysis and testing, demonstrating vulnerabilities and documenting the results
148

Minneapolis Technology Consulting Security & Privacy Penetration Tester Experienced Senior Consultant Resume Examples & Samples

  • Understanding of the importance of business ethics
  • Proficiency in utilization of information security tools such as Nessus, Kismet, Airsnort, NMAP, Ethereal, WebInspect and Nikto, and manual techniques to exploit vulnerabilities in the OWASP top 10 including but not limited to cross-site scripting, SQL injections, session hi-jacking and buffer overflows to obtain controlled access to target systems
  • Ability to perform network traffic forensic analysis, utilizing packet capturing software, to isolate malicious network behavior, inappropriate network use or identification of insecure network protocols
  • 3+ years hands on experience in one or more of the following Operating Systems: Windows Server 2003/2000/NT, Linux and UNIX
  • Attack and Penetration experience in testing of Internet infrastructure and Web-based applications utilizing manual and automated tools
149

Senior Penetration Tester, Assistant VP Resume Examples & Samples

  • Expert level experience with web and mobile penetration testing and code review using automated tools, manual testing, and custom developed scripts and process chaining
  • Strong communication skills (i.e. written and verbal)
  • Reliable time management and organization skills
  • Ability to risk rate and documenting technical issues identified during security assessments
  • Scripting/programming skills (e.g., Python, Powershell, Java, JS, etc.)
  • Experience with threat modeling and security design review methodologies
  • Ability to work both independently and in a highly collaborative team environment
  • Professional software development experience (1+ year)
  • CISSP, OSCP OSCE, GWAPT, GCIH, GPEN, certification is helpful, but not required
  • Advanced security or application development training is beneficial
  • Thick client application penetration testing
  • Network penetration testing (external & internal), to include vulnerability exploitation and pivoting to gain remote system access
  • Vulnerability research and exploit development
  • Wireless security knowledge and testing experience
  • Applied security research
  • Working knowledge of cryptography fundamentals
  • Threat Analytics
  • Red Team experience
150

Red Team Penetration Tester, Mid Resume Examples & Samples

  • 3+ years experience with Cybersecurity vulnerability testing with a focus in Red Team and Penetration test missions
  • Experience with using vulnerability scan tools
  • Knowledge of DOD enterprise backbone, Server and Workstation Devices, including Windows, Unix, and Linux, Network Devices, including Routers, Switches, and Video Teleconference, Storage Devices, including Fiber Channel Switches, Network Attached Storage, and Storage Controllers, Applications, including Web, Database, E-mail, FTP, and SSH, and Security Devices, including Firewalls, Intrusion Detection Systems, and Web Content Filters
  • BA or BS Degree
  • DoD 8570 - IAT II Certificaiton, including CCNA - Security, CISP, GSEC, Security+ CE, or SSCP)
  • Technical or administrator certification, including Linux+ or equivalent within six months after start date
  • Experience with vulnerability scan tools, including ACAS, HP Fortify, OAT Scan, Web Inspect, BurpSuite, CheckMarx, Nessus, AppScan, GitHub, or WebInspect
  • Experience in working with DoD STIGs and STIGviewer, SCAP Compliance Checker, and Open SCAP
  • Ability to be well-organized and thorough, and to handle competing priorities
  • Possession of excellent oral and written technical communication skills
  • BA or BS degree in IT, Cybersecurity, or a related field
  • IAT III Certificaition, including CASP CE, CISA, CISSP or Associate, GCED, GICSP, or GCIH
151

Security Penetration Tester Resume Examples & Samples

  • Perform security reviews of application designs, source code and deployments as required, covering all types of applications (embedded software, web applications and web services, mobile applications)
  • Participate in Security Assessments of systems and applications
  • Minimum of two years of working experience in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)
  • CEH, CPT, CEPT, CSSLP, CISSP, OSCE, LPT, CREST ACE, GIAC, CISA, OSCP, CompTIA SECURITY+ or other information security certifications
  • Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE, Python, PERL
  • Security framework experience (e.g. ISO 27001/27002, NIST, PCI, FIPS etc.)
  • Penetration testing experience of IoT devices
  • Experience with various security tools and products (e.g. Nessus, Burp, metasploit framework, OpenVAS)
  • Good understanding of the components of a secure SDLC
152

IT Security Specialist / Penetration Tester Resume Examples & Samples

  • Be responsible for performing manual penetration testing and communicating your findings to both Business and Developers
  • Contribute by providing SME advice during design and development phases, to help eliminate security vulnerabilities at the very beginning of the development lifecycle (basically preventing exposures from actually going into production)
  • Prepare and perform penetration testing covering the scope identified and agreed during scoping, perform security research
  • Communicate test results to the Business and to Developers in an understandable and actionable way
153

Intern, Penetration Tester Resume Examples & Samples

  • Design, develop and gain hands on experience in application security, offensive research and threat emulation while working side by side with our team
  • Exercise Python, PowerShell and C++ skills while deep diving into expanding industry tool sets (Metasploit, CobaltStrike, and Empire)
  • Learn Windows Active Directory while operating in a stealthy manner in high security environments
  • Although the projects may vary depending on your skills and background, we guarantee a small team environment with people that are willing to take the time to teach and mentor you
  • Ability to follow complex instructions and work independently
  • Excellent analytical and interpersonal skills
  • Strong aptitude for working on multiple projects in a fast-pace environment
  • Experience with any of the following Languages: Python, PowerShell, C#, C/C++, Go, Java (Windows / Mac / Linux)
  • Experience with multiple common operating system
  • Experience with industry standard testing frameworks is a plus: Burp Suite, Metasploit, Empire, CobaltStrike, PowerSploit, etc
  • Experience with conducting manual testing of applications is a plus
  • Any offensive security experience or related certificates (OSCP, OSWP, OSCE, GPEN, GWAPT, GXPN)
  • Any networking or secure network design certificates (CCNA, CCNP, etc.)
  • Available at least 20 hours per week
154

Red Team Penetration Tester Resume Examples & Samples

  • 3+ years of experience with Cybersecurity
  • Knowledge of leveraging Open Source penetration testing tools, including Metasploit and the Kali Linux tool set
  • Ability to assist with remediation efforts for discovered vulnerabilities
  • Ability to operate in organized security testing engagements with little assistance and display excellent teamwork expertise
  • Experience with executing Web application, network, and system penetration tests for customers
  • Experience with scripting in Python or Ruby preferred
  • Possession of excellent oral and written communication skills to communicate effectively and professionally with clients, teammates, and senior leadership
155

Penetration Tester Resume Examples & Samples

  • Formulate scenarios and potential attacks that a malicious attacker may use/perform in order to gain control of the Time Inc. network
  • Identify, document, measure and communicate technical Information Security risks across the organization’s data networks, systems, and applications using blended toolsets and exploitation techniques to identify attack surfaces
  • Versed understanding of coding and scripts, and provide best coding practices in agile development model
  • 3-5 years of combined application and network penetration, AppSec, wireless security, and vulnerability management experience
  • Knowledge and ability to conduct internal, external, social, wireless, and application penetration testing using a wide variety of exploitation techniques, tools, and procedures
  • Advanced knowledge and hands-on experience with attack methodologies
  • Strong experience with penetration testing tools such as Kali, Burp Suite, Qualys Guard, Cenzic, Metasploit, OWASP ZED, sqlmap, nosqlmap, WPScan, Nessus, NMAP, etc
  • Versed in three or more programming and scripting languages such as HTML5, Java, Python, Ruby, Perl, Bash, PowerShell
156

Web Application Penetration Tester Resume Examples & Samples

  • Risk Assessments (Projects or Programs)
  • Data Loss Prevention
  • User Access Reviews
  • Regulatory Compliance; i.e. PCI
  • Security Reporting Tracking & Tools: i.e, Archer
  • Vulnerability Scanning & Mitigation
  • EDiscovery and Forensics
  • Incident Response Coordination
  • Communications and Awareness
  • Knows, understands, incorporates and demonstrates the Trinity Health Mission, Vision and Values in behaviors, practices and decisions
  • Develops designs and operates one or more information security domains. Provides technical consultation and assistance in identifying, evaluating and documenting use of systems and other related services to ensure compliance with EIS policies
  • Resolves complex security issues, and mitigates threats and vulnerabilities across an Information Security service. Reviews various system and technical documents and applies security templates. Defines security configuration and operational standards for security systems and applications
  • Interacts with multiple vendors to ensure a cohesive client-vendor relationship that maintains and upholds services in the best interest of Trinity Health
  • Provides guidance and direction on enterprise security procedures, security technology, and security design work; works with business stakeholders to define Information Security processes. Works collaboratively with other security professionals and Security Managers to standardize information security industry best practices
  • Contributes to the creation of department procedures, standards and documentation for all information security services. Utilizes excellent verbal and written communication skills
  • Participates in the creation of annual objectives and tactical plans. Responsible for the prioritization of Infrastructure investments and maintenance involving IT security
  • Represents the EIS Director, when applicable, on EIS matters as well as serve as EIS liaison with MO Security and Privacy Officials
  • Participates in the development and promotion of Information Security information for general awareness
  • Participates in site-specific meetings. Participates in the creation of the development and implementation of annual objectives and tactical plans to achieve strategic planning initiatives. Monitors or enforces security policies, procedures and standards to ensure conformance with TIS objectives
  • Ensures all projects and services meet Trinity Health Information security and regulatory standards, policies and procedures while delivering business requirements
  • Maintains a working knowledge of applicable Federal, State and local laws/regulations; the Trinity Health Integrity and Compliance Program and Code of Conduct; as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior
  • Bachelor’s degree or an equivalent combination of education and experience
  • Minimum of five (5) years of progressive experience in information services including three (3) years in information security, including experience in compliance with federal and state security regulations
  • Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA), Certified Information Systems Auditor (CISA) or equivalent required
  • Must possess a good understanding of enterprise security best practices relating to implementing and managing enterprise security solutions
  • Working knowledge of HIPAA, ISO 27001/2, FISMA, FIPS, and NIST security
  • Experience with administrative and technical assessments as well as enforcing organizational compliance
  • Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic
  • Must be committed to continual personal and professional growth, possess a pro-active approach with a willingness to “go the extra mile” every time for the customer
  • Ability to work under general direction, manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and work load
  • A personal presence which is characterized by a sense of honesty, integrity and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals and values of Trinity Health
157

Red Team Penetration Tester Resume Examples & Samples

  • 3+ years of experience with Cybersecurity vulnerability testing with a focus in Red Team and penetration test missions
  • Knowledge of DoD enterprise backbone, server, and workstation devices, including Windows, UNIX, and Linux, network devices, including routers, switches, and video teleconference, storage devices, including fiber channel switches, network attached storage, and storage controllers, applications, including Web, database, e-mail, FTP, and SSH, and security devices, including firewalls, intrusion detection systems, and Web content filters
  • DoD 8570 - IAT II Certification, including CCNA - Security, CISP, GSEC, Security+ CE, or SSCP
  • Technical or Administrator Certification, including Linux+ or equivalent within six months after start date
  • Ability to produce briefings and reports for a senior-level audience
  • Ability to develop effective working relationships that improve the quality of work products
  • Ability to be well-organized and thorough and handle competing priorities
  • IAT III Certification, including CASP CE, CISA, CISSP or Associate, GCED, GICSP, or GCIH
158

It-penetration Tester Resume Examples & Samples

  • Perform network, web, app, mobile and social penetration testing assessments
  • Ability to develop detailed penetration testing reports that can speak to multiple audience types
  • Understand exploits at a finite level before using them
  • Able to develop custom scripts, exploits, and tools
  • Must be strong in privilege escalation techniques
  • Must be able to aid in scoping, leading tests, and managing process to delivery
  • Active in InfoSec community (OWASP, Cha-Ha, 2600, Speaker)
  • 3 - 5 years of Pen Testing experience
  • Military or Government security experience is a big plus
  • Knowledge of the following scripting languages: JavaScript, PowerShell, Bash, Python, Ruby
  • Industry level certifications such as Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP)
  • Experience with different flavors of SQL
  • Experience with app sec and app sec remediations
  • Red teaming experience
  • Special considerations
  • General security hacker look welcome (piercings and tattoos) Tools Knowledge Metasploit, Acunetix, Burpsuite, Kali, SQLmap, SoapUI, w3af, ZAP,SQL NINJA, BeEF, ettercap, Aircrack-ng, Tamper Data, WebScarabNG, Maltego, SET o Education: Associates Degree or a combination of education plus equivalent work experience
159

IT Security Penetration Tester Resume Examples & Samples

  • Associates Degree/Technical Diploma or higher from an accredited institution
  • Minimum of five (5) years of IT experience
  • Experience conducting penetration tests
  • Experience working with multiple operating systems
  • Bachelors Degree from an accredited University
  • Three (3)+ years of experience conducting penetration tests
  • A desire to learn
  • Passion for security
  • Ability to explain complex technical issues to non-technical persons
  • Technical understanding of OWASP top 10
  • Familiarity with SANS 20 Critical Controls
  • Experience as a systems architect and/or systems administrator
  • Experience as an application developer/architect
  • Experience working with process control systems
  • (2) or more security industry certifications (CISSP, CISM, CEH, OSCP, GPEN, GWAPT)
  • Understanding of Chemical Facility Anti-Terrorism Standard (CFAT)
160

Senior Penetration Tester Resume Examples & Samples

  • Perform/Review security risk assessment, threat analysis artifacts
  • Plan,/Design/Execute security testing related artifacts and activities
  • Write Security Test strategy, Test Cases, Remediation Plan, and Security Test Report
  • Prepare Security Testing environment to test ready
  • Conduct Dynamic Security Scans, Manual validations/Pen Testing, and other Security Testing activates
  • Validate false positives by executing manual penetration testing effort
  • Conduct Remediation Strategy Discussions and User Review Sessions
  • Coordinate projects and defect related meetings and triage activities
  • Coordinate and execute efforts with Web Inspect, Burp Suite Pro, Wireshark and other security QA tools as appropriate
  • Publish security. test reports, track vulnerabilities/defects and preserve post projects/defects testing artifacts in agreed upon repositories
  • Contribute in developing Security testing roadmap, Adopt security best practices, and Implement new ideas and innovations according to the industry trends
  • Test Application Security and expose vulnerabilities from front end, backend, database, API, Cloud and Network/Infrastructure
  • Conduct Web/API security testing
  • Participate in Mobile, Network, Perimeter, WIFI and other security testing as needed
  • Adhere to the Security and Quality Assurance (QA) best practices and work for delivering Secured and Quality products
  • Advocate secured development practice to development, business analysis and other groups
  • Highly motivated individual that assumes ownership of their projects
  • Ability to act as a liaison between security and the development and QA teams
  • Strong desire and capacity to learn and support new financial applications
  • Ability to facilitate meetings and conversations
  • Ability to write clear and concise documentation including Security Test strategy, Test Cases, Remediation Plan, and Security Test Reports
  • Highly collaborative – comfortable sharing ideas and asking questions with all levels of staff
  • Ability to work both independently or on a team with tight timelines and minimal supervision
  • Possess solid understanding of business process, systems knowledge
  • Possess solid understanding of Security, Project Management and QA Methodology, Policy, Process, Tools
  • Client/Server exposure (i.e. Java, JSP, Servlet, Linux, UNIX, SQL)
  • Mainframe exposure (i.e. COBOL, JCL, IDMS/ADSO, CICS)
  • Database exposure (i.e. SQL Server, DB2)
  • Shell \ Perl scripts exposure
  • Strong with DB2 / PL SQL
  • Strong with TLS, SSL
  • Exposure and good understanding of Middleware, F5, Siteminder, Entrust
  • Good knowledge of Java, J2EE, .NET
  • Good understanding of JSP, JTA, JMS and Spring framework
  • Good understanding of Front End Web applications
  • Knowledge of XML technologies (SOAP, REST API, JAXB, WSDL, XML)
  • Strong Understanding and Experience on HP Web inspect, Burp Suite Pro, Wireshark, Nessus, Nmap, Kali Linux, SQL Map, Metasploit,, Zap Proxy, Veracode, Aircrack, Nikto, Maltego etc
  • Strong understanding of Web Application, Mobile, Network, WIFI, API security testing
  • Sound understanding on Cloud Security Testing
  • Good understanding of cryptography
  • Sound understanding on Security Testing Frameworks
  • Sound understanding on Security Vulnerability Management
  • Bachelor’s degree in Computer Science or a related discipline or an equivalent combination of education and work experience
  • Minimum 5-7 years of work experience
  • Minimum 5 years of experience with Security Testing
  • Sound in Analyzing, Planning, Performing, and Reporting Security Testing related activities
  • Advanced knowledge in Application Security Testing
161

Security Assessment & Authorization Penetration Tester Resume Examples & Samples

  • 5+ years of experience in two or more of the following: network vulnerability assessments, Web application security testing, network penetration testing, or red teaming
  • Experience with tools, including Nessus, WebInspect, AppDetective, Hailstorm, Metasploit, Burp Suite Pro, Aircrack–ng, and Kismet
  • Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff
  • Ability to obtain a security clearance required
  • Experience with programming at least one of the following: Perl, Python, Ruby, Bash, C or C++, C#, PHP, iOS, SQL, or Java, including scripting and editing existing code
  • Experience with assembly languages, including x86 or reverse engineering
  • BS degree in Computer Engineering, CS, or a technical field preferred
  • DoD–8570 Certification
162

Junior Penetration Tester Resume Examples & Samples

  • Perform penetration testing and red teaming activities to identify and evaluate potential vulnerabilities in various Sony information systems and hardware
  • Utilize knowledge of threats to enable proactive cyber hunting activities
  • Ensure effective coordination and planning for testing activities with system owners and business stakeholders
  • Provide in depth technical expertise for remediation of identified issues
  • Innovate new tradecraft/tools to adapt to changing environments
  • Bachelor’s degree in an appropriate field, such as Computer Science, or equivalent professional experience
  • Experience or internships in information security and penetration testing or red teaming
  • Experience developing and refining threat-informed defense-in-depth security architectures preferred
  • Knowledge of prevalent operational security tactics and techniques (vulnerability exploits and countermeasures, remote access Trojans and related persistence techniques, lateral movement, social engineering, etc.)
  • Knowledge of advanced persistent threat methodologies
  • Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise language
  • Ability to collaborate and communicate effectively and tactfully with both business-oriented executives and technology-oriented personnel
  • Ability to participate in multiple projects simultaneously that involve key stakeholders across a globally-distributed and federated enterprise
  • Ability to travel domestically and internationally as required, up to 5%
  • All candidates must be authorized to work in the USA
163

Security Engineer, Penetration Tester Resume Examples & Samples

  • Perform application security testing on internal and external Box applications
  • Perform Code Reviews during penetration tests
  • Document exploit chain/proof of concept scenarios for dev teams consumption
  • Build and contribute to custom internal security tools such as fuzzers, burp extensions, etc
  • Tracking and researching the latest attacks and how they might apply to our environments
  • Configure, run and monitor automated security testing tools
  • Participate in red-team activities
164

Cyber Penetration Tester Resume Examples & Samples

  • Continuously evaluate cyber testing that can be automated and integrated into standard Integration & Test plans
  • Contribute to highly complex designs by applying cyber-focused engineering practices to the architecture and design systems and software to better detect, diagnose and remediate anomalies in systems
  • Conduct software analysis of existing code to identify weaknesses, validate weaknesses, design mitigations, validate mitigation effectiveness
  • Apply advanced knowledge in field to documents design decisions and mitigations that affect system exposure to exploit vulnerabilities
  • Resolve highly complex technical issues
  • Knowledge of cyber security principles (authentication, authorization, encryption, non-repudiation, etc.)
  • Recent experience scripting in Python or another high-level scripting language (Perl, Ruby, etc.)
165

Senior Cloud Security Penetration Tester Resume Examples & Samples

  • Lead and participate in architecture decisions, product designs, code reviews and implementation details to ensure a low risk product deployment, and then test it for validation
  • Perform testing/validation to determine compliance to technology baselines and minimize threat exposure
  • Penetration testing activities will be focused primarily on IaaS and PaaS applications, but will include the entire stack that comprises the Oracle Cloud
  • As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures
  • Collaborate with key stakeholders to address risks and appropriate levels of urgency to management and engineering staff based on your findings
  • Balance many tasks and projects in a fast-moving, innovating environment
  • Use off-the-shelf, open source or custom code to perform rigorous testing against systems
  • Create repeatable processes for continuous testing and assurance of quality following a proven teting methodology you define
  • Deliver self-service security metric data of discovery, triage and trending analysis of team findings
  • Research industry trends, identify ongoing security threats, analyze new security testing tools, and provide recommendations on the need and usefulness of services and/or products
  • Evaluate and recommend new and emerging security solutions and technologies to issues
  • Effectively communicate security concepts with both technical and non-technical individuals
  • Bachelor’s or Master’s degree in Computer Science or related field, or equivalent experience
  • 4+ years of experience in security engineering, penetration testing, and/or technical operations (with at least 2 of those years in a security-related role)
  • Familiarity with MVC based frameworks and common web programming languages is required
  • A background in development and debugging and common application penetration testing tools
  • Experience working in a large cloud or Internet software company preferred
  • Prior DevOps or continuous delivery and deployment experience preferred
  • Experience in automation tooling for active and pro-active testing
  • Extensive hands-on knowledge of system administration and Linux/UNIX operating systems
  • Proficiency in one or more modern programming languages (Java, C++, Ruby, Python, Perl, etc.)
  • Knowledge of operational security tools and practices (e.g. IDS, firewalls, & 3rd-party security products)
  • Understanding of web services, distributed systems, and web application development
  • Ability to both work independently with minimal direction and to collaborate effectively with local and remote teams with a strong customer focus
166

Security / Penetration Tester Resume Examples & Samples

  • As a member of the technical/process QA division, develop quality standards, control methods and theories to be utilized during manufacturing, testing, and inspection to access product quality
  • Demonstrates good judgment in selection methods and techniques for obtaining solutions
  • Experience with web service security testing using state-of-the-art tools
  • Hands on penetration testing of web interfaces
  • Experience with running, analyzing, and triaging of the reports generated by scanners (e.g. Web Inspect, Burp Suite)
  • Experience with client-server and P2P applications
  • Experience with various operating systems (Windows, Android, Linux, iOS)
  • Work in Virtualized Environments (Oracle, Vshere)
167

Senior Lead Penetration Tester Resume Examples & Samples

  • Master’s Degree in Computer Science or related fields a major plus
  • 5+ years of IT or IT Security experience
  • Strong “quality focused” approach to service delivery
  • 2+ years of experience with penetration testing against internal and external facing corporate infrastructures
  • Understanding of Security architecture both from a penetration testing and design point of view
  • Ability to communicate security risks to both technical and business audiences
  • Strong technical ability in security related architecture design and assessment (manual approach to penetration testing)
  • Understanding of Application Security concepts
  • Good understanding of exploit research and mitigation
  • A strong understanding of web technologies, solutions and attack vectors that apply to application technologies
  • A preferred candidate would have experience of Security source code review or development experience in C/C++, C#, VB.NET, ASP, or Java
  • Ability to conduct research and develop; building tools for use by internal teams as well as vulnerability research would be a significant advantage to a candidate
  • Knowledge of IDS and AV evasion techniques
168

Penetration Tester Resume Examples & Samples

  • 2+ years of experience with penetration testing against a wide variety of applications including web, mobile, and thick client above and beyond running automated tools
  • Experience documenting technical issues identified during security assessments and recommending improvements in the existing service support tools and “standard findings”
  • Solid understanding of OWASP and other software security best practices
  • Strong technical ability in current application and infrastructure testing methodologies
  • Good understanding of current “high impact” and “well known” application and infrastructure vulnerabilities
  • Experience with programming languages and associated usage within penetration test assessments
  • Experience with assessment tools, such as scanners, administrative utilities, local proxies, debuggers, fuzzers, etc
  • Knowledge of threat modeling methodologies
169

Security Consultant, Penetration Tester Resume Examples & Samples

  • Provides sales team with technical and security expertise in support of business development activities. Participates in sales calls, helps scope projects, provides pricing estimates and creates pre and post sales documentation
  • Receives work assignments and timelines from the Project Manager. Communicates with the Project Manager to keep the PM up-to-date on project status
  • Provides clients with consulting services during a contracted engagement. Works within area(s) of expertise (e.g., penetration testing, social engineering testing, framework compliance, etc.)
  • Executes compliance initiatives including third-party reviews, regulatory reviews and due diligence initiatives
  • Reviews all findings and recommendations and works with assessment team to determine appropriate actions
  • Understands and identifies business processes specific to the client's environment and the appropriate risk management practices. Makes recommendations for improvement of processes and controls
  • Creates and presents clients with reports detailing methodology, findings, recommendations and remediation activities to increase security within the target environment
170

Application Penetration Tester Resume Examples & Samples

  • PenTesting Methodologies
  • Vulnerability Scanners
  • Defense-In-Depth Concepts and Methodologies
  • Unix/Linux OS
  • Windows OS
  • Network Technologies
  • Database Technologies
  • Application and Middleware Technologies
  • Strong Application Development skills
  • SANS GWAPT
  • SANS GPEN
  • CEH
  • GIAC
  • CISSP
171

Cyber Security Penetration Tester Resume Examples & Samples

  • Support resolutions for highly complex malware and intrusion issues
  • Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to
  • A minimum of a Bachelor's degree with 5 years experience conducting penetration assessments or 4 years experience in lieu of a BS
  • Understanding of pentesting framework and processes
  • Knowledge of LAN security, firewalls, intrusion detection/prevention, administration of servers, workstations, and other IT devices
  • Knowledge of IA policy to include PCI, HIPAA, FTI
  • Requires a practical level understanding of common TCP/IP-based services, including DNS, DHCP, HTTP, FTP, SSH, SMTP, etc
  • Practical understanding of Windows and Linux/UNIX-based system administration
  • Conceptual understanding of Vulnerability and Risk Assessments; these processes may include scanning with authorized tools and/or scripts (SCAP, Retina, Nessus, scripts, MBSA, etc)
  • Comprehensive knowledge of Office applications such as Word, Excel, and PowerPoint
  • Candidates should be proven team players with excellent oral and written communications skills. Frequent interaction with government client is required
  • Highly motivated and creative
  • A working knowledge of network security analysis using industry standard intrusion detection systems (e.g., Snort, McAfee, IBM, Cisco)
  • A working knowledge and experience with pentesting tools (e.g. Metasploit, BURPSUITE)
  • Ability to customize audit template files in support of risk and vulnerability assessments (such as Nessus, CIS benchmark, Microsoft SCM)
  • Basic to intermediate scripting (Python, Perl, RegEx, WSH, Powershell)
  • Experience administering Windows and Linux/UNIX-based systems
  • Experience in interpreting security policy
  • Able to obtain or have any of the following certifications: GPEN, CEH, GAWN, GWAPT, LPT, GPYC, CPT
172

Penetration Tester Resume Examples & Samples

  • Liaise with the Business to get full understanding of the applications and infrastructure being tested, their risk profiles, and expected security features
  • Prepare and perform penetration testing covering the scope identified and agreed during scoping
  • Perform security research
  • Provide subject matter expert advice to both the Business and Developers on security related topics
173

Penetration Tester Resume Examples & Samples

  • 3+ years of experience with programming in one or more of the following: Python, Ruby, Bash, C, or C++, including scripting and editing existing code
  • 3+ years of experience with Web Application security testing
  • Experience with security tools, including Burp Suite Pro, Nessus, Nmap, and Metasploit
  • Offensive Security, SANS, or Cisco certifications
174

Security Penetration Tester JSF Program Resume Examples & Samples

  • Experience should include at least one (1) year as a team leader or supervisor and one (1) year performing computer scientist functions such as providing Cybersecurity guidance, Computer Network Defense (CND) analysis, and/or performing Black, Grey, and/or White box penetration testing
  • Prior experience working with technical security controls; programming with Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages; and applying vulnerability assessment and applying penetration best practices and testing techniques is preferred
  • Proficiency with using the internet and with Microsoft products including operating systems, e-mail, Word and Excel is required
  • This position requires Baseline DoD 8570.01M certification for IAT Level II certification (CompTIA Security+ or higher certification) and a current U.S. DoD final Secret Security Clearance
  • Preferred security-related certifications include cISSP, GIAC/GPEN, GIAC/CEH, OSCE, or OSCP
  • Standard office equipment and machines, computer workstation
  • Must demonstrate professional behavior at all times when dealing with clients, management and employees
  • Must hold the safety of yourself and those around you as the number one priority in the workplace
  • Current driver’s license, car registration and auto insurance required
  • Completion of required certifications required within 6 months of hire date
  • U.S. Citizenship and possession of a U.S. DoD Secret Security Clearance
175

Senior Penetration Tester Resume Examples & Samples

  • Demonstrated experience of Red Team penetration testing and audit
  • Familiarity with vulnerability assessment and penetration best practices
  • Experience with penetration testing techniques and tools
  • The following qualification is preferred: Offensive Security Certified Professional (OSCP),
  • One or more of the following qualifications would be a plus: CISSP, GPEN, GIAC Certified Incident Handler (GCEH), Offensive Security Certified Expert (OSCE)
  • Security testing tools including Metasploit, Kali, Nmap, Nessus, Burp Suite
  • Microsoft Active directory and other technologies
  • Wireless technologies
  • Web application technologies
  • Cisco, Sourcefire and PaloAlto implementation (operational and security)
  • Telephony Technologies (analog and IP)
  • Physical security
  • Source code analysis software
  • Intermediate to advanced Microsoft Office Suite (i.e., Word, Excel, PowerPoint)
176

Senior Analyst, Penetration Tester Resume Examples & Samples

  • Identify, document, measure and communicate security risk analysis across the organization’s data networks, systems, and applications using standard and non-standard tools and exploitation techniques
  • Create attack scenarios that a malicious actor may perform to gain access to the Time Warner’s networks, systems, applications or endpoints
  • Conduct technical penetration testing including but not limited to external/ internal infrastructure, web application, cloud, and WiFi to identify or gain access to sensitive data
  • Communicate findings, recommend and validate remediation to technical staff and executive leadership
177

Penetration Tester Associate Resume Examples & Samples

  • CERTIFICATIONS: (One or more required) CompTIA Net+, CompTIA A+, CompTIA Security +, Certified Penetration Testing Engineer or Certified Ethical Hacker, GSEC, GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT)
  • CLEARANCE: Must be able to obtain a Position of Public Trust Designation - US Citizen or Green Card Holder. Willingness to submit to a Tier 5 Single-Scope Background Investigation (SSBI)
  • Ability to work well with other organizations and personnel with disparate backgrounds
178

Penetration Tester Senior Resume Examples & Samples

  • Selects the appropriate technical tests, network or vulnerability scan tools, and/or pen testing tools based on review of requirements and purpose; lists all steps involved for executing selected test(s) and coaches others in the use of advanced research, development, or scan tools and the analysis of comparative findings between proposed and current technologies
  • Performs joint interoperability testing on systems exchanging electronic information with systems of other services or nations, and determines whether the system is certified as interoperable based on analysis of results; provides recommendations on how to enable systems to operate effectively together
  • Prepares documents by tailoring technical information and creates benchmark or security authorization reports; outlines key findings related to speed, risks, results and reliability, and recommends acceptance or rejection of technology for applied use
  • Performs Security Control Assessments on systems to validate the results of risk assessments and ensure controls in the security plan are present and operating correctly on the system; provides thorough report of the risks to the system and its data
  • Executes tests by following the steps and procedures listed in a test plan and documents results in a standardized format that is appropriate for future analyses
  • Assists in the coordination of technical tests, network scans, and/or vulnerability scans that support the evaluation of information safeguard effectiveness
  • Identifies the various types of tests including conformance testing, developmental testing, joint interoperability testing, operational testing, and validation testing
  • Critical thinking skills, both qualitatively and quantitatively
  • Ability to communicate effectively both written and verbal
  • Strong technical, analytical and interpersonal skills
179

Cyber Vulnerability Analyst & Penetration Tester Resume Examples & Samples

  • Significant practiced experience executing and leading vulnerability assessment and penetration testing engagements. Significant, demonstrated knowledge regarding security vulnerabilities, application analysis, and protocol analysis; with a specialization in at least two subject areas
  • Significant experience with Linux and Windows operating systems
  • Practiced experience with common programming or scripting languages
  • Exploit development experience a plus
  • Ability to interpret and prioritize vulnerability scan results into remediation actions, track those actions through to completion, and transfer knowledge to others
  • Demonstrated ability to prepare documentation and presentations for technical and non-technical audiences
  • Ability to understand and articulate information security risks associated with vulnerability and penetration testing
  • Knowledge of patching programs ofmajor hardware/software manufacturers
  • Significant experience with classes of vulnerabilities, appropriate remediation, and industry standard classification schemes (CVE, CVSS, CPE)
  • Typically requires 6 years Security Analyst experience with 5+ years experience performing vulnerability assessments and penetration testing
180

Senior Penetration Tester Resume Examples & Samples

  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
  • Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff
  • Ability to successfully interface with clients (internal and external)
  • Ability to manage and balance own time among multiple tasks, and lead junior staff when required
181

Penetration Tester Resume Examples & Samples

  • Must be a U.S. citizen and able to obtain and maintain a National Security Clearance
  • Bachelor degree in Information Technology/Computer Science, and/or equivalent work experience
  • Approximately 6 months of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols
  • Penetration Testing experience with Web Applications, Operating Systems, Network Equipment, Wireless, Mobile, Databases
  • Experience testing web applications for common web application security vulnerabilities including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues
  • Hands-on experience with commercial and open-source network and application security testing tools
  • Expert in programming languages and Operating Systems; Python, Perl, Java, Shell Scripting, Windows/*NIX
  • Tools – Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)
  • Demonstrated ability to work on multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment
  • Team player with excellent consultative skills, and the proven ability to work effectively with client, internal management and staff, vendors and consultants
  • Information Security consulting experience, providing subject-matter expertise on a range of information security topics
  • Experience with NIST 800-37 and NIST 800-30
  • Experience with Hardware Hacking and Exploit Development
  • OWASP
182

Penetration Tester Resume Examples & Samples

  • Experience in documenting technical issues identified during security assessments
  • Infrastructure and web application penetration testing experience
  • Knowledge of common web application issues, such as XSS and SQli
  • Common scanning tools experience, such as nmap, Nessus and Burpsuite
  • Experience of local area and wide area networking principles and concepts. (LAN / WAN)
  • Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
  • Experience in communicating and reporting effectively with various levels of technical and non-technical stakeholders
  • Knowledge of common network tools (e.g., ping, traceroute, nslookup, tcpdump/wireshark, etc.)
  • System administration, network, and operating system hardening techniques
  • Understanding of OWASP, CIS and other security benchmarks
  • Knowledge of Unix, Windows security configurations and vulnerabilities
  • Undergraduate degree (preferably 2:1 or higher) in a relevant field (e.g. Computer Engineering, Computer Science, Information Security) or in a STEM major (Science, Technology, Engineering, or Math) is preferred
  • Penetration testing certifications such as CREST Certified Tester (CRT) or Offensive Security Certified Professional (OSCP) are strongly preferred
183

Penetration Tester Resume Examples & Samples

  • Develop scripts, tools, or methodologies to enhance Mandiant’s red teaming processes
  • Ability to travel up to 30%
  • Ability to document and explain technical details in a concise, understandable manner
184

Security Penetration Tester Resume Examples & Samples

  • Conduct manual application and network penetration testing
  • Provide expert security advice/remediation to clients
  • Participate in sales calls/presentations and meetings
  • Support company marketing events, such as trade shows
  • Conduct security research weekly
  • Publish infoSec position paper or security tool quarterly