Penetration Tester Resume Samples

4.6 (66 votes) for Penetration Tester Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the penetration tester job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
DH
D Hettinger
Deron
Hettinger
911 Mayer Junctions
Chicago
IL
+1 (555) 222 3797
911 Mayer Junctions
Chicago
IL
Phone
p +1 (555) 222 3797
Experience Experience
San Francisco, CA
Penetration Tester
San Francisco, CA
Reinger, Ratke and Kuphal
San Francisco, CA
Penetration Tester
  • Work with external vendors to perform penetration tests on network devices, operating systems, databases, and Applications as necessary
  • Create and hold workshops illustrating the state of the art of various technologies and assessment strategies
  • Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
  • Communicate technical vulnerabilities and remediation steps to developers and management
  • Be responsible for performing manual penetration testing and communicating your findings to both Business and Developers
  • Provides assistance to system users relative to information systems security matters
  • Work with application developers to validate, assess, understand root cause and mitigate vulnerabilities
Dallas, TX
Security Penetration Tester
Dallas, TX
Kiehn-Jacobs
Dallas, TX
Security Penetration Tester
  • Perform web application, mobile application and network penetration tests
  • Develop processes and implement tools and techniques to perform ongoing security assessments of the environment
  • Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary
  • Providing technical consultation on Security Tools and Technical Controls
  • + Development of ‘rules of engagement’ with partners
  • Develop security standards, policies, automation scripts
  • Perform security reviews of application designs and source code review
present
Phoenix, AZ
Senior Penetration Tester
Phoenix, AZ
Swaniawski-Huel
present
Phoenix, AZ
Senior Penetration Tester
present
  • No Supervisory responsibilities with this position
  • Perform infrastructure and application penetration tests, as well as physical security review and social engineering tests for our global clients
  • Perform application penetration tests across public and private networks
  • Perform assessments of security awareness training using social engineering
  • Develop testing scripts and procedures
  • Develop and leverage custom exploits
  • Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
Education Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
University of Memphis
Bachelor’s Degree in Computer Science
Skills Skills
  • Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work
  • Ability to continually refine the vulnerability offerings and deliverables
  • Strong technical ability in security related architecture design and assessment (manual approach to penetration testing)
  • Ability to communicate detailed technical information to a non-technical audience
  • Demonstrated ability to work on multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment
  • Strong knowledge of information security frameworks and standards
  • Strong technical ability in current application and infrastructure testing methodologies
  • Personal development. All of our professionals receive comprehensive training covering business acumen, technical and professional skills development
  • Demonstrated proficiency in basic computer applications, such as Microsoft Office software products
  • Strong organizational skills and ability to multi-task
Create a Resume in Minutes

15 Penetration Tester resume templates

1

Penetration Tester Resume Examples & Samples

  • Use your significant "ethical hacking" skills to identify security vulnerabilities in JPMG Mobile Native and Web
  • Perform web application dynamic scans and pen tests
  • Research and develop mobile testing tools for use by internal ethical hacking team
  • Develop mobile security threat models
  • Configuration and operation of scanning and testing tools and environment
  • Documentation of test results
  • Recommendation of counter-measures and remediation techniques
  • Correlate pen-test findings to any existing threat models and/or to static and/or dynamic scan results to identify "misses"
  • Significant previous overall technology experience
  • Strong knowledge and understanding of mobile security landscape
  • Hands-on experience with ethical hacking and penetration testing of mobile and web applications (iOS, Android, RIM)
  • Demonstrated ability to plan, develop, and execute security tests
  • Strong reporting and technical writing skills
  • Demonstrated experience with industry-standard security testing tools such as AppScan, Web Inspect, Burp Suite,
  • Thorough knowledge of TCP/IP ports and protocols
  • Demonstrated experience in shell scripting
  • Demonstrated experience in application level attacks including Web 2.0 technologies
  • Computer Science or related technical degree from an accredited institution, or equivalent work experience and practical
  • Minimum of one professional certification- (ideally CREST, otherwise CISSP, CISM, MCSD, GIAC, or CEH)
2

Penetration Tester Resume Examples & Samples

  • Use your significant "ethical hacking" skills to identify security vulnerabilities in JPMG Mobile Native and Web Applications
  • Correlate pen-test findings to any existing threat models and/or to static and/or dynamic scan results to identify "misses" and recommend improvements tothose other processes
  • 5 years of overall technology experience
  • Demonstrated experience with industry-standard security testing tools such as AppScan, Web Inspect, Burp Suite, Nessus, Nmap, Metasploit, viaLab and CANVAS
  • Required experience with one or more of the following mobile security testing tools: Agnito, CLang, Charles Proxy, oTool, iPhoneDbg, iPhone-dataprotection, Keychain_Dumper, iAuditor, PList Editor, trustme, Theos
  • Technical experience in network security products, cryptographic suites, firewalls, Web Application Firewalls/Application Security Gateways, application servers, routers, IDS systems
  • Minimum of one professional certification- (CISSP, CISM, MCSD, GIAC, or CEH preferred)
3

Senior Application Security Penetration Tester Resume Examples & Samples

  • Experience in a security consulting role
  • Experience performing application security assessments including web applications, mobile applications, and web services
  • Ability to perform manual source code review and find vulnerabilities in C/C++, C#, VB.NET, ASP, PHP, and Java
  • Experience with application analysis tools, and vulnerability scanners (burpsuite, appscan, etc.)
  • Experience with web service testing tools (soapUI, etc.)
  • Experience with disassemblers/decompilers/debuggers (IDA Pro, SWF Decompiler, etc.)
  • Strong technical writing and communication skills
  • Experience in developing proof-of-concept exploit examples
  • Application development experience
  • Experience reverse engineering, binary analysis, and disk and memory forensics
  • Experience with social engineering techniques (remote pre-texting, spear phishing, etc.)
  • Experience with physical security assessments (lock picking, camera evasion, etc.)
4

Senior Network Security Penetration Tester Resume Examples & Samples

  • BA/BS in Computer Science or equivalent practical experience
  • Experience performing network security assessments including wireless
  • Experience with network/wireless analysis tools, and vulnerability scanners (Nmap, Kali Linux, Metasploit, Kismet, etc.)
  • Experience with VoIP Security & War Dialing
  • Experience physical security assessments (lock picking, camera evasion, etc.)
  • Experience developing custom scripts or tools
  • Experience scoping engagements and developing technical proposals
  • Strong programming skills
  • Experience writing custom exploits and modules in Metasploit
  • Experience in a financial services environment
5

Penetration Tester Resume Examples & Samples

  • Have expert knowledge in at least one mobile platform (iOS, Windows Mobile, Android, Blackberry)
  • Have expert application reverse engineering skillset which can be applied to mobile platforms
  • In depth understanding of mobile code (Objective C, Java, etc)
  • Expert manual code review skills
  • Application
  • Mobile (iOS, Android, Windows, Blackberry)
  • Wireless
  • Social engineering
  • Physical assessment
  • Strong knowledge of information security frameworks and standards such as ISO17799/27001 and their application into diverse environments
  • Strong understanding of the security mechanisms associated with Windows or Unix operating systems, switched networks, web based applications and databases
  • Demonstrated ability to solve complex technical problems
  • Competent to discuss the underlying technology with product developers
  • Can describe major phases, activities, checkpoints and deliverables of the application development lifecycle
  • Understands the security controls/processes required to implement a robust secure application and can clearly articulate the risk associated with the failure of those controls/processes
  • Has detailed knowledge of the purpose of - and approaches to - security testing
  • Strong web application testing experience
  • Keen understanding of network security architecture
  • Experience in reverse engineering or disassembly
  • Technical risk assessment experience
  • Application Security Code Review (e.g. looking at a client's home-grown web-facing application & reviewing the security of the code)
  • Ability to identify specific information security technical build guides and best practice deficiencies within the global organization and develop and drive cross-functional correction strategies
  • Able to identify security requirements for business applications and data
  • Experience in evaluating the design effectiveness of IT security controls
6

Penetration Tester Network & Web Application Security Resume Examples & Samples

  • Use your significant security assessment skills to identify security vulnerabilities in JPMC applications and infrastructure
  • Work with application developers to validate, assess, understand root cause and mitigate vulnerabilities
  • Analyze software security threats and plan tests
  • Correlate pen-test findings to any existing threat models and/or to static and/or dynamic scan results to identify "misses" and recommend improvements to those other processes
  • 2+ years of overall technology experience
  • Strong knowledge and understanding of security landscape
  • Programming ability or development experience in at least one of the following languages: .NET (ASP.NET), Java, Perl, Python, Ruby, C/C++/ObjectiveC
  • System or network administration experience
  • Ability to plan, develop, and execute security tests
  • Ability to communicate and explain suggested remediation steps to developers
  • Experience with industry-standard security testing tools such as AppScan, Web Inspect, Burp Suite, Nessus, Nmap, Metasploit, viaLab, ZAP, and CANVAS
  • Understanding of TCP/IP ports and protocols
  • Clear understanding of how the software development lifecycle works in a large enterprise
  • Computer Science or related technical degree from an accredited institution, or equivalent work experience and practical knowledge
7

Penetration Tester Resume Examples & Samples

  • 10+ years of experience with IT-5+ years of experience with performing Web application security assessments and network penetration tests
  • Experience with testing at least 30 different Web applications using manual methods and using a Web proxy tool-Experience with multiple operating systems, including Windows and Linux
  • Knowledge of how to identify, exploit, and remediate the OWASP Top 10 Web vulnerabilities, including SQL Injection and XSS
  • Knowledge of IT security concepts, including network design, countermeasures, risk management, operational security, and attack techniques
  • Ability to perform manual penetration testing in addition to the use of scanning tools and produce client-ready deliverables
  • Ability to self-motivate and work with minimal guidance from a remote location
  • Experience with computer programming languages
  • Experience with system administration
  • Experience with Web application developer
  • Experience with training others on how to manually test Web applications for common vulnerabilities
  • Possession of excellent technical writing skills
  • BA or BS degree in Information Security or an IT-related field
  • Security+, CISSP, CPT, CEPT, ECSA, LPT, CEH, or other security Certification
8

Penetration Tester, Mid Resume Examples & Samples

  • 1+ years of experience with penetration testing tools, including Burp Suite, Nmap, Wireshark, Nessus, and Metasploit
  • 1+ years of experience with Perl, Python, or other scripting languages
  • Knowledge of common vulnerabilities and related attack vectors, including OWASP Top 10 and CWE/SANS Top 25-Ability to brief technical and non-technical audiences on security threats, vulnerabilities, and risks-Ability to obtain a security clearance
9

Penetration Tester, Senior Resume Examples & Samples

  • 12 years of experience as a penetration tester
  • Experience with a wide variety of tools for vulnerability and penetration testing
  • Experience with performing network and application level testing using established test protocols and methods
  • Experience with performing network and application-level testing
  • Experience with researching and evaluating emerging technologies relevant to information systems security
  • Knowledge of agency specific and federal security regulations
  • DoD 8570-1M Change 2 or CEH Certification
  • IAT Level III or IAM Level III Requirements Certification, including CISSP Certification
  • BA or BS degree in CS, IT, Engineering, or in a related field preferred in lieu of 4 years of experience in a professional work environment
  • Linux, Unix, Windows 2007, or CCNA Certification
10

Penetration Tester Resume Examples & Samples

  • Minimum of five (5) years IT security experience
  • Minimum of two (2) years technical experience performing web application vulnerability assessments and/or ethical hacking
  • Extensive knowledge of OWASP exploitation methodology and web application vulnerability standards
  • Experience with industry standard web application frameworks such as Burp Suite, AppScan, and Nikto but more importantly can think outside-the-box to develop tailored solutions for non-standard problems
  • Experience with network/wireless analysis tools, attack frameworks, and vulnerability scanners (Nmap, Nessus, Kali Linux, Metasploit, Kismet, etc.)
  • Experience with web-based programming, protocols, best practices, and cryptography
  • Experience with common computer operating systems, networking protocols, and host-based / network security products and capabilities
  • Experience developing custom tools and/or scripts to accomplish desired goals
  • Experience with applicable programming/scripting languages such as JavaScript, jQuery, Python, Ruby, etc
  • Experience performing mobile application security assessments
  • Experience with VoIP Security & War Dialing a plus
  • Familiarity with various network architectures, network services, system types, network devices, development platforms and software suites
  • Industry standard certifications such as CISSP, GWAPT/GPEN and OSCP/OSWE
11

Penetration Tester Resume Examples & Samples

  • Overall 7+ years of Information Security experience with one of the following
  • Advanced knowledge of networking fundamentals (all OSI layers)
  • Advanced knowledge of the Windows and *NIX operating systems to include boot process through understanding of the execution flow of boot time processes
  • Strong knowledge of software exploitation (web, client-server and mobile) on modern operation systems
  • Expert knowledge of networking protocols and packet analysis
  • Well versed in multiple security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others
  • Demonstrated understanding of financial sector, or other large organization, security and IT infrastructures
  • Able to work either independently or in a team
  • The ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective
  • Able to articulate and visually present complex forensic investigation and analysis results
  • Able to work under pressure in time critical situations
  • Excellent written and verbal communication skills are required
  • Ability to communicate effectively with business representatives in explaining forensic findings clearly and where necessary, in layman's terms
  • Ability to communicate with other industry forensic professionals to ensure solid partnerships with key external stakeholders to ensure that the forensic investigation process remains at a word class level
12

Penetration Tester / Ethical Hacker Resume Examples & Samples

  • Perform and lead application and network security vulnerability assessments
  • Perform and lead application and network penetration tests
  • Write vulnerability assessment and penetration test reports
  • Recommend additional lifecycle security activities where appropriate
  • Perform other security-related service delivery as utilization/load balancing may require/warrant
  • HP Technical Career Path Specialist level or above, or equivalent
  • Familiarity with one or more of: NIST SP 800-53, PCI-DSS, ISO/IEC 27001&2, or COBIT
  • Familiarity with key security testing tools: WebInspect, Nessus, Metasploit
13

Penetration Tester Secure Works Resume Examples & Samples

  • Maintain working knowledge of advanced cyber threat actor tactics, techniques and procedures (TTP), and emulate these TTP to assess vulnerability and risk
  • Conduct exploitation testing using off-the-shelf or self-developed exploitation tools, and document findings for client remediation
  • Excel as both a self-directed individual contributor and as a member of a larger team
  • Availability for domestic travel and limited international travel up to 50%
  • Apply innovation to improve service efficiency and service value
  • Suggest or implement enhancements to internal systems
  • Interface with Counter Threat Unit (CTU) and Incident Response (IR) teams
14

Senior Penetration Tester Resume Examples & Samples

  • Strong, hands-on technical knowledge of network and PC operating systems, including Firewalls, IDS/IPS, Windows, UNIX (Linux, AIX, HPUX, Solaris, etc.), TCP/IP, etc
  • Excellent hardware and software troubleshooting experience
  • Competence with security testing tools and procedures for information security
  • Staff an on-call rotation
  • 6-8 years of experience with Information Security related activities
  • Experience conducting analysis and containment of potential data breeches or cyber security incidents
  • Familiar with scripting/coding skills with a focus on tool integration
  • Information Security Certifications, such as CISSP, GIAC, OSCP, CEH
  • No Supervisory responsibilities with this position
15

Cyber Vulnerability Analyst & Penetration Tester Resume Examples & Samples

  • Practiced experience executing, ethical hacking and penetration testing
  • Significant knowledge regarding security vulnerabilities, application analysis, and protocol analysis
  • Knowledge of and practiced experience with penetration testing and ethical hacking products
  • Knowledge of and ability to manage vulnerability scans against a range of assets
  • Experience devising methods to automate testing activities and streamline testing processes
  • Practical experience with Linux and Windows operating systems
  • Familiarity with common programming or scripting languages
  • Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion
  • Practiced knowledge performing vulnerability assessments against servers, workstations, web applications and other components
  • Knowledge regarding security vulnerabilities, application analysis and protocol analysis
  • Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools)
  • Ability to understand information security risks associated with vulnerability and penetration testing
  • Knowledge of patching programs of major hardware/software manufacturers
  • Knowledge of secure configuration and hardening of systems
  • Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE)
  • Bachelor’s degree in Computer Science or related field required. At the manager’s discretion, additional relevant experience may substitute for the degree requirement
  • Typically requires 3+ years’ experience performing vulnerability assessments and penetration testing
  • Experience applying ethical hacker techniques, phishing schemes, emerging logical security threats, and compromised server techniques
  • Current CEH, GPEN, CISSP, and GCIA certifications preferred
16

Information Security Engineer Penetration Tester Resume Examples & Samples

  • Have working and usable knowledge in either Ruby, Python, C/C , or Assembly
  • Have working knowledge with Metasploit, Core Impact, Canvas, and other exploitation frameworks
  • Think outside-the-box
  • Have contrarian thinking with attention to detail, with carefully organized action
  • Analyze target systems, continually thinking about how to unravel their defenses
  • Approach problems in a different way than “normal” Systems Admins would
  • Be able to spot weaknesses and logic flaws that other people might miss
17

Bluemix Security Penetration Tester Resume Examples & Samples

  • At least 1 year experience in security scanning tools
  • At least 1 year experience in Linux/Windows OS security
  • At least 1 year experience in network security
  • At least 1 year experience in Testing Representational State Transfer (REST) interfaces
18

Senior Penetration Tester Resume Examples & Samples

  • Perform infrastructure and application penetration tests, as well as physical security review and social engineering tests for our global clients
  • Perform vulnerability scanning and assessments
  • Perform application penetration tests across public and private networks
  • Perform assessments of security awareness training using social engineering
  • Develop testing scripts and procedures
  • Develop and leverage custom exploits
  • Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
  • Other security-related projects that may be assigned according to skill
  • Minimum of 5 years work experience performing security penetration tests or internal technical security audits
  • Minimum of 5 years of IT experience
  • Strong ethics and understanding of ethics in business and information security
  • Proficient written and oral communication skills
  • Investigative skills
  • Experience with exploitation frameworks (e.g., MetaSploit, Core Impact, Canvas)
  • Understanding and familiarity with common penetration testing methods and standards
  • Understanding of security issues on both Microsoft and *NIX operating systems
  • Ability to complete tasks and deliver professionally written reports for clients
  • Ability to present and articulate findings to technical staff and executives
  • Possess current security certifications (e.g., CISSP, CEH, GPEN, GXPN)
  • Working knowledge of Security principles, techniques and technologies
  • Expert understanding of network protocols, design and operations
  • Degree in either Computer Engineering, Computer Science, or Information Systems Management
  • Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
  • Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
  • Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify
  • Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
  • Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
19

IT Security Penetration Tester Resume Examples & Samples

  • Knowledgeable with Cybersecurity tools, particularly MetaSploit, nMap, QualysGuard, ArcSight, Splunk, Archer among other tools used to conduct required testing
  • Experienced and effective with information security technology design, development, and implementation
  • Good understanding of the TWC business goals and objectives
  • Knowledge of applicable regulatory requirements, data privacy practices and security control frameworks
  • 5-7 years of experience with Information Security related activities
20

Senior Penetration Tester Resume Examples & Samples

  • Minimum of 4 years in Information Security Field
  • Vulnerability Research and Exploit Development
  • Penetration Testing Execution Standard Automation Framework (PTES)
  • Previous experience with teaching application security to developers
  • Must code in one or more languages such as Java, Python, Ruby, PHP, or .Net
  • Penetration Testing – WebInspect, Acunetix, Netsparker Appscan, Fortify, Ounce, Vercode, Burp Suite, NMAP, Nessus, Metasploit, Core Impact, Qualys, Kali Linux, Backtrack, Samurai WTF, OWASP ZAP, SQLMap and manual tools
  • Red Team Operations
  • Previous experience with debugging and fuzzing binaries
  • Experience with multiple SDLC’s such as Agile, Dev Ops, and Waterfall
  • Previous software development experience
21

Senior Penetration Tester / Ethical Hacker Resume Examples & Samples

  • Demonstrates extensive expertise in security and engineering practices. Integrates broad working knowledge in related disciplines to apply integrated security solutions for complex business situations
  • Perform formal security reviews of application designs, source code and deployments as required, covering web application, web services, mobile applications, network, and other computer systems
  • Possesses basic understanding of cyber incident and response and related current events
  • Complete project work accurately and within deadlines as required
  • Integrate security risk information into penetration testing process
  • Develop and maintain effective working relationships with clients and other team members
  • Supports/mentors skill development within the team
  • Demonstrated ability to methodically analyze problems and identify solutions
  • Makes decisions which influence and impact the success of cross-team initiatives
  • Investigates and recommends approaches and systems that meet quality, performance and sustainability criteria
  • Drives continuous improvement in establishing and meeting system level performance measures
  • CISSP, GPEN, GWAPT, GXPN, OSCP or other information security certification
  • Experience in vulnerability identification and remediation is required
  • Network penetration testing experience strongly desired
  • Experience with mobile application and operating systems a plus
  • Experience with commercial application scanning tools
  • Experience with network tools such as Nessus, Nexpose, nmap, etc
  • Experience with various security tools and products (Fortify, AppScan, etc.)
22

Penetration Tester Resume Examples & Samples

  • Enhance current processes/methodologies around the Penetration Testing capability
  • Interprets the identified vulnerabilities, removes false positives and provides a detailed report, with risk, impact, recommendations to remediate the risk, and step by step instructions for reproducing the issue
  • Develop reports and metrics for management and remediation teams
  • Research and determine Penetration Testing tools to be used by internal Ethical Hacking team
  • Partner with Risk and Compliance teams
  • Share knowledge and mentor new team members and peers
  • Consult with different teams on strategic initiatives as well as highly technical projects that have regulatory concerns
  • Work with external vendors to perform penetration tests on network devices, operating systems, databases, and Applications as necessary
  • Ensure the Ethical Hacking practice is incorporated into the SDLC process
  • 3 years of general IT Risk/Vulnerability Management experience
  • 1 or more years’ experience performing network and/or application penetration testing
  • Experience with Windows/UNIX/Linux/IOS operating systems
  • Working knowledge of network communications and technologies (ie routers, switches, firewalls)
  • Bachelor's degree in information security, computer science, engineering, or equivalent experience
  • 3 or more years’ experience performing network and/or application penetration testing
  • 5 years of general IT Risk/Vulnerability Management experience
  • Mobile Application development and pen testing
  • Knowledge and use of Pen testing tools (Metasploit, Kali, Burp, others…)
  • Understanding of current threats and exploits to include experience with threat remediation
23

Penetration Tester Resume Examples & Samples

  • Maintain and increase areas of technical competence to enhance depth and breadth of assessment/penetration testing abilities through advanced training
  • Create and hold workshops illustrating the state of the art of various technologies and assessment strategies
  • Build an effective network of relationships with Barclays technology partners globally to ensure the trust and credibility of team is developed
  • Proven experience in security architectural considerations for cross-functional, cross-platform applications
  • Have superior time management and organizational skills to undertake multiple critical penetration tests concurrently
  • Understanding routine IT security monitoring and administration tools
24

Cyber Vulnerability Analyst & Penetration Tester Resume Examples & Samples

  • Responsible for conducting vulnerability assessment scans, assisting with penetration testing, exposing security vulnerabilities and risks, and recommending solutions to mitigate such vulnerabilities
  • Contributes to building and delivering services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production
  • Tracks public and privately released vulnerabilities and assists in the corporate triage process including: identification, criticality evaluation, remediation planning, communications, and resolution
  • Conducts vulnerability assessment scans, exposing security vulnerabilities and risks and recommending solutions to mitigate such vulnerabilities
  • Educational knowledge of, or limited experience executing, ethical hacking and penetration testing
  • Introductory knowledge regarding security vulnerabilities, application analysis, and protocol analysis
  • Strong attention to detail. Strong verbal and written communication skills
  • Knowledge regarding security vulnerabilities, application analysis and network protocol analysis
  • Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice
  • Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE)
  • At the manager’s discretion, additional relevant experience may substitute for the degree requirement
  • Typically requires 1+ years’ experience performing vulnerability assessments and penetration testing
  • Experience applying ethical hacker techniques, phishing schemes, evaluating emerging logical security threats, and compromised server techniques preferred
25

Mobile Penetration Tester Resume Examples & Samples

  • Hands-on experience with security scans and vulnerability assessments of mobile applications and devices
  • Familiarity with various open source and commercial mobile security assessment tools and technologies
  • Basic knowledge of mobile forensics
  • Ability to perform research and develop mobile testing tools for use by internal teams
  • Ability to analyze and develop mobile security threat models and test plans
  • Experience working with mobile application developers to validate, assess, understand root cause and mitigate vulnerabilities
  • Experience with configuration and operation of scanning and testing tools and environment
  • Ability to effectively documentation of test results
  • Experience with network, server, mobile/web application ethical hacking and exploitation
  • Experience using XCode or Eclipse for mobile testing
  • Understanding of Windows, *Nix, Android and iOS filesystems and security architecture along with scripting capabilities
  • Hands-on experience with mobile device forensics and analysis
  • Hands-on experience with mobile application reverse engineering, security/source code analysis and binary patching
  • Demonstrated experience with mobile security tools such as NowSecure Lab, Drozer, Substrate, Xposed-Framework and etc.…
  • Understanding of Mobile Device Management services
  • Familiarity with common vulnerabilities in major operating systems (i.e., Windows, Unix and iOS/Android) and ability to track the emergence of new exploitation techniques
  • Bachelor’s Degree in Engineering or Technology related fields a major plus
  • 2 to 4 years of mobile application security assessment experience
  • GMOB, GWAPT, GPEN Certification
26

Penetration Tester Resume Examples & Samples

  • Engage in threat hunting activities to proactively search for threats in the enterprise environment
  • Guide security strategy through interaction with and direction to, when necessary, other teams in Information Security (e.g. network operations, Cyber Threat Operations Center (CTOC), vulnerability management) along with information and liability risk officers and technology management
  • Aid team members for enhancement and enrichment of security monitoring tools with contextual information
  • Adhere to all policies and standards, as well as regulatory requirements regarding reporting and escalations
  • Demonstrated advanced knowledge of cyber security operations with master of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation
  • Demonstrated experience with systems for automated threat intelligence sharing using industry standard protocols such as Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indication Information (TAXII)
  • Advanced knowledge of processes, procedures and methods to research, analyze, and disseminate threat intelligence information
  • Ongoing passion for learning about information security through self-education
  • Ability to formulate, lead and persuade individuals, large teams and communities on ideas, concepts, and opportunities
  • Consistent history of delivering on commitments
  • Knowledge of the incident handling procedures and intrusion analysis models
  • Proven communication skills, both written and verbal, to both business and technology audiences
  • Ten years of experience
  • Industry certifications in networking, such as Cisco Certified Network Associate (CCNA), Certified Wireless Network Administrator (CWNA) and/or Net+
  • Experience in the Intelligence Community (IC)
27

Penetration Tester Resume Examples & Samples

  • Strong technical abilities to conduct infrastructure and application security assessments employing a variety of techniques (both automated and manual) throughout the full pentesting delivery cycle (recon, vulnerability assessment, exploitation, lateral movement),
  • Mobile penetration testing
  • Social engineering skills
  • Physical penetration testing
  • Security source code reviews
  • Industrial Control Systems (SCADA) testing
  • Incident response/forensics analysis
  • Has Full UK Driving License
  • SC Security Clearance
  • CREST certification
  • Certified at CHECK team member/leader or equivalent (CREST or TIGER (Cyber Scheme)
  • OSCP
28

Penetration Tester Resume Examples & Samples

  • Scanning and discovering rouge hosts, networks, and devices and scanning and discovering vulnerable systems and applications
  • Source code review, threat modeling and penetration testing on various platforms
  • Provide network/application vulnerability assessment and penetration testing services globally through a comprehensive testing process, as well as identifying weaknesses and vulnerabilities within the system and proposing countermeasures
  • Typical assignments involve testing of the overall security of critical infrastructure components and applications to ensure compliance with internal policies, security architecture best practices, and industry standards
29

Senior Penetration Tester Resume Examples & Samples

  • Vulnerability Management and Threat Intelligence
  • Influence feature design, architecture, standards & processes to ensure Security
  • Conduct advanced network security forensics
  • Assessment and recommendation of Web Application Security
  • Influence culture to be security minding at all times
  • Ability to automate tasks using scripting or other programming language
  • Identify gaps in current technology & processes & recommend improvements
  • Collaborate at depth with peers in Development & Program Management
  • Proven experience as a team player working with devops groups to continuously improve security posture
  • Working knowledge of industry standard tools and systems related to penetration testing and forensics
  • Deep hands‐on technical expertise in large scale systems engineering & complex distributed systems architectures
  • Able to articulate and visually present attack and mitigation strategies and concepts
  • Demonstrated expertise in web services, virtualization, cloud concepts, REST, JSON, YAML, XML, SQL, PHP, LDAP, & object oriented methodologies
  • Solid understanding of network routing, load balancing, & Internet transport protocols
  • 7+ years’ experience providing security insight and solutions in large scale environments
  • Strong analytical and troubleshooting capabilities
  • Ability to manage multiple priorities, commitments & projects
  • Demonstrated passion for customer experience & usability, including successful delivery of customer self‐service tools & automated management/optimization of services
30

Red Team Operator / Penetration Tester Resume Examples & Samples

  • Network penetration testing
  • Application (web, mobile, etc.) penetration testing
  • Social engineering (e-mail phishing, phone, physical, etc.)
  • Red Team operations
  • Strong understanding of networking fundamentals (all OSI layers, protocols, etc.)
  • Strong understanding of Windows/Linux/Unix operating systems
  • Strong understanding of operating system and software vulnerabilities and exploitation techniques
  • Strong understanding of web application vulnerabilities and exploitation techniques, covering the OWASP Top 10 as a minimum
  • Strong knowledge of and experience with commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post-exploitation (e.g. Nmap, Nessus, Metasploit, Burp Suite, etc.)
  • Ability to deliver high quality reporting on technical issues identified and providing remediation guidelines
  • Bachelor's Degree in Engineering or Technology related fields a major plus
  • SANS (GPEN, GXPN, GWAPT), Offensive Security (OSCP, OSCE), CREST/Tiger Scheme Certified Tester certifications or equivalent strongly desired
  • Knowledge of malware packing, obfuscation, persistence, exfiltration techniques
  • Knowledge and experience in using interpreted languages (Ruby, Python, Perl, etc.) and/or compiled languages (C, C++, C#, Java, etc.)
  • Experience in developing in house tools / scripts to improve delivery and facilitate testing operations
  • Ability to perform targeted, covert penetration tests with vulnerability identification, exploitation and post-exploitation activities with no or minimal use of automated tools
  • Well versed in security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others
  • Understanding of financial sector, or other large organization, security and IT infrastructures
  • Ability to articulate and visually present complex penetration testing and red team results
  • Ability to work effectively independently and in a team
  • Ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective
  • Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work
31

GIS Penetration Tester Resume Examples & Samples

  • Design and execute penetration tests against a variety of technologies including web application, mobile and infrastructure
  • Work within virtual teams of security and technical specialists to ensure quality delivery of leading solutions to our internal clients
  • Provide reports which highlight and clearly articulate vulnerabilities and weaknesses to clients in terms they understand
  • Infrastructure
  • Code review
  • Excellent understanding of security strategies and technologies including secure network design, e-Channels, remote computing, desktop and server hardening, secure web services, Compliance Auditing, Secure Software Development Lifecycles, Software Audit
  • Extensive experience creating innovative solutions and responding to information security incidents a strong plus
  • Able to explain security functionality from first principles
  • Understands core development methodologies and their associated technologies
  • Excellent TCP/IP knowledge and understanding of security implications/issues over the OSI model
  • Proven programming / scripting skills
  • Good awareness and understanding of the Barclay’s business unit responsibilities and structure
  • Can describe deliverables associated with the requirements analysis and definition
32

It-penetration Tester Resume Examples & Samples

  • 1) Executes tests of web-based applications, networks, end user systems, servers and other infrastructure systems with automated and manual tools
  • 2) Works with developers and application owners to identify and prioritize vulnerabilities based on business criticality
  • 3) Documents, tracks, and reports on exposures in a timely manner
  • 4) Identifies security risks and exposures, determines the cause of security violations and suggests procedures to halt future
33

Consulting Risk Advisory Security & Privacy Penetration Tester Resume Examples & Samples

  • Perform application and network penetration tests for our global clients
  • Use commercial scanning tools such as BurpSuite, Nessus, and other commercial products to analyze systems for vulnerabilities, and provide risk reduction recommendations
  • Performing manual verification of vulnerabilities to reduce false positives
  • Understanding of common regulatory or standards-based control frameworks such as PCI-DSS, ISO 27001/2, NIST 800-53, etc
  • Creating comprehensive security assessment reports
  • Interfacing with clients to gather information and investigate security controls
  • Maintaining industry credentials/certifications
  • Supporting ongoing development of security assessment service offerings
  • Bachelor's degree in Computer Science, Computer Engineering, Cyber-Security, Information Security or a related field or equivalent experience
  • Minimum 4 years of experience conducting application and network penetration testing
  • Ability to travel as needed (up to 35%)
  • GIAC GPEN, Offensive Security Certified Professional (OSCP), CISA, CISSP or Offensive Security Certified Expert (OSCE) preferred
  • Implementation of vulnerability management programs is a plus
  • Prior consulting or professional services background preferred
  • Knowledgeable regarding Sarbanes-Oxley Act, Payment Card Industry (PCI), and SOC
  • Experience with an accounting or consulting firm preferred
  • Strong verbal and written abilities
  • Strong multitasking and project management skills
34

Consulting Risk Advisory Services Security Penetration Tester Resume Examples & Samples

  • Perform Internet penetration testing (blackbox/greybox /whitebox testing) and network architecture reviews (manual/automated)
  • Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments
  • Assist with the development of remediation recommendations for identified findings
  • Help identify improvement opportunities for assigned clients
  • This position is for individuals with 1-6 years of experience within the cyber security space, with a preference for prior consulting or professional services backgrounds. Other candidates may be considered based on experience and skill sets
  • Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices
  • Bachelor’s degree in computer science or related field from an accredited college/university
  • Technical background in networking/system administration, security testing or related fields
  • Two or more years of Perl, Python, Bash, or C experience
  • Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.)
  • Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
  • Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
  • Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.)
  • In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®)
  • Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client’s senior management team
35

Penetration Tester Resume Examples & Samples

  • Penetration testing (ethical hacking) applications and network environments
  • Writing test and penetration plans and documenting your results
  • Performing reconnaissance and network surveys to map your targets
  • Researching tools and security exploits
  • Consulting with clients on high-level strategic initiatives as well as highly-technical and detailed regulatory compliance projects
  • Learning the tricks of the trade from experienced mentors
  • Blogging about your new security finds
  • Be proficient with all the usual suspects
36

Information Security Penetration Tester Resume Examples & Samples

  • Certified Information System Security Professional
  • At least 7 years experience with processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data
  • Product and vendor evaluation
37

Principal Penetration Tester Resume Examples & Samples

  • Lead testing efforts on Fidelity's assets, including web and mobile applications and supporting systems
  • Consult with operations and software development teams to ensure potential weaknesses are addressed
  • Stay current on security best practices and vulnerabilities
  • 8+ years of IT experience
  • 4+ years of hands-on web application penetration testing / ethical hacking experience
  • Preferred - CISSP, CEH, LPT, OSCP, GPEN or other industry security certification
  • Ability to demonstrate manual testing experience including all of OWASP Top 10
  • Advanced knowledge of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
  • Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, BackTrack, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider
  • Advanced knowledge of C, C#, Python, Objective C, Java, Javascript, SQL,
  • Advanced knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX
  • Advanced Experience with Enterprise Java or .NET web application frameworks, including Struts and Spring
  • Proven analytical and problem solving skills, as well as the desire to assist others in solving issues
  • Highly motivated with the willingness to take ownership / responsibility for their work and the ability to work alone or as part of a team
  • Full commitment to customer satisfaction and the highest ethical standard
38

Penetration Tester Resume Examples & Samples

  • Participate in testing efforts on Fidelity's web and mobile applications and supporting systems
  • Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats
  • Upon completion of the assessment, you will prepare reports and present the results to application owners, developers, and business unit information security teams
  • Analyze test results, draw conclusions from results, and develop targeted exploit examples
  • Contribute to the research or development of tools to assist in the vulnerability discovery process
  • Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of Fidelity's applications and infrastructure
  • Bachelors degree in Computer Science (or related field) or equivalent experience
  • 5+ years of IT experience
  • 1+ years of hands-on web application penetration testing / ethical hacking experience
  • Intermediate knowledge of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
  • Technical knowledge of, and the ability to recognize, various types of application security vulnerabilities
  • Intermediate knowledge of C, C#, Python, Objective C, Java, Javascript, SQL,
  • Intermediate knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX
  • Intermediate knowledge of web frameworks, including XML, SOAP, J2EE, JSON and Ajax
  • Experience with Enterprise Java or .NET web application frameworks, including Struts and Spring
  • Excellent interpersonal skills with a strong interest in the application security domain
  • Excellent communication and presentation skills and a proven ability to communicate threats and facilitate progress towards long-term remediation
39

Penetration Tester, Mid Resume Examples & Samples

  • 1+ years of experience with participating in Cybersecurity testing events, including configuration analysis, vulnerability assessments, or penetration testing in a data gathering role as a tester or analyst
  • 1+ years of experience with Linux or UNIX-based operating systems, including command line interfaces
  • Experience with NMap, Tenable, Nessus, OpenVAS, Metasploit, Core Impact Pro, Burp Suite, or Nikto
  • CompTIA Security+, CISSP, GSEC, CASP, CISA, or Certified Ethical Hacker (CEH) Certification required
  • Experience with US Navy Afloat systems
40

Penetration Tester, Senior Resume Examples & Samples

  • 7+ years of experience in two or more of the following: network vulnerability assessments, Web application security testing, network penetration testing, red teaming, or security operations or hunt
  • Experience with tools, including Nessus, WebInspect, AppDetective, Hailstorm, Metasploit, Burp Suite Pro, Aircrack-ng, and Kismet
  • Knowledge of applications, database, and Web server design and implementation
  • Knowledge of open security testing standards and projects, including OWASP
  • Experience with wireless LAN security, including 802.11 standards
  • Experience with hardware reverse engineering using JTAG or UART
  • Experience with physical security assessments, including the use of proxmark3 or similar proximity card spoofing or copying device
  • Ability to display enthusiasm for security and technology
  • BS degree in Computer Engineering or CS or a technical field preferred
41

Red Team Penetration Tester, Senior Resume Examples & Samples

  • Experience with multi-vector penetration testing using Core Impact preferred
  • BA or BS degree
  • 8570 IAT Level II Certification and CNDSP Auditor Level I or Level II preferred
42

Penetration Tester, Senior Resume Examples & Samples

  • 5+ years of experience in security with practice in penetration testing and vulnerability assessments
  • 2+ years of experience with vulnerability analysis or reverse engineering
  • Knowledge of software development in C++ or Java
  • Knowledge of building and managing Virtual systems, including VMware, ESXi, Xen, or Virtualbox
  • Experience with programming in C, C++, C#, Java, ASM, PHP, Perl, Microsoft .NET, Python, or Ruby and Linux or UNIX Shell Scripting
  • Experience with problem solving through using out-of-the-box approaches
  • Knowledge of penetration attack strategies for Web services, databases, and e-mail, Forensics tools, and Cryptography principles
  • Knowledge of Enterprise level solution storage and databases, including relational databases, database management systems, enterprise storage systems, or security concerns for these systems
  • CEH: Certified Ethical Hacker Certification
  • CPT: Certified Penetration Tester Certification
  • CEPT: Certified Expert Penetration Tester Certification
43

IT Risk Penetration Tester Resume Examples & Samples

  • Hungarian, English knowledge is needed
  • Solid knowelde of IT technologies (network protocols, operating systems, database systems, middlewares, and architecture patterns)
  • Hands on experience on administration of Linux and Windows systems
  • Hands on experience on one ore more database systems
  • Proficiency in one or more multi platform scripting language. (eg. Perl or Python)
  • Solid knowledge of the various vulnerability types, their root cause, exploitation techniques and mitigation patterns
  • Hands on experience with the following tools
  • Hands on Antivirus and IDS alert avoidance experience
  • Exploit development experience
  • Reverse engineering experience
  • GIAC Certified Penetration Tester (GPEN) / Certified Expert Penetration Tester (CEPT) /Offensive Security Certified Professional (OSCP) or other relevant certificates
44

Penetration Tester, Mid Resume Examples & Samples

  • 1+ years of experience with participating in Cybersecurity testing events, including configuration analysis, vulnerability assessments, or penetration testing as a tester or analyst in a data gathering role
  • Experience with NMap, Tenable Nessus, OpenVAS, Metasploit, Core Impact Pro, Burp Suite, or Nikto
  • CompTIA Security+ Certification, CISSP Certification, GSEC Certification, CASP Certification, CISA Certification, or Certified Ethical Hacker (CEH) Certification required
45

Junior Penetration Tester Resume Examples & Samples

  • Conduct full penetration tests of enterprise networks, web applications, mobile applications, and wireless networks
  • Perform additional security services for customers including social engineering campaigns, physical security tests, source code review, and online reconnaissance
  • Provide vulnerability context and remediation information to customers in detailed technical reports
  • Research evolving exploits, techniques, and tools in support of penetration testing efforts
  • Work as part of a team or independently when necessary
  • 2+ years experience in information security or related field
  • Bachelor’s degree in Cybersecurity, Digital Forensics, or related field
  • High familiarity with Windows and UNIX environments at command line level
  • In-depth knowledge of TCP/IP protocol and commonly used ports
  • Experience with penetration testing tools such as nmap, Nessus, Kali, Metasploit, Nikto, Burpsuite, etc
  • Knowledge of common web application attacks such as SQL injection, cross-site scripting, session hijacking, cross-site request forgery, etc
  • The ability to learn, study, and adapt to ever-changing vulnerabilities and testing methodologies
  • Strong written/oral communication and technical writing skills
  • Familiarity with OWASP and NIST risk and vulnerability structures
  • Relevant certifications such as GPEN, OSCP, etc
  • Advanced degree in an information security field
  • Programming skills in Python, Perl, Ruby, or other relevant languages
46

Cyber Security Penetration Tester Resume Examples & Samples

  • Minimum Bachelors degree and 6 years experience or 10 years equivalent experience without a degree; degree should be focused on engineering or applied science. TS/SCI clearance required
  • Must possess or be willing to obtain the CISSP and a Penetration Tester (i.e., GPEN, L|PT, GPXN) certification within 6 months upon arrival at the customer site
  • Must pass customer training and certification program and remain mission ready qualified
  • MCTS, Linux+, C|EH and GREM certifications a plus
  • Hands on knowledge and experience with The Metasploit Framework and Burp Suite; a background in applications development, a plus
  • Strong knowledge of Windows® Internals, Windows® Application Programming Interfaces (API), Portable Executable (PE) formats, Windows® Registry, and security models
  • Familiarity with the following protocols: ARP, DHCP, DNS, DSN, FTP, HTTP, IMAP, ICMP, IDRP, IP, IRC, NFS, POP3, PAR, RLOGIN, SMB, SMTP, SSL, SSH, TCP, TELNET, UDP
  • Analytical with the ability to understand and implement customer objectives
  • Experience or familiarity with military operations highly desirable
  • Previous experience in penetration testing preferred (3-5 yrs)
47

Penetration Tester Resume Examples & Samples

  • C++
  • Javascript
  • Ruby
48

Red Team Penetration Tester Resume Examples & Samples

  • Effective analytical and critical thinking skills - proven problem solving and follow-thru
  • Effective documentation and verbal communication skills in customer-facing roles Demonstrated successful ability to multi-task and perform in an interrupt-driven, non-deterministic environment while working independently and as a team
  • Demonstrated self-starter and team player with ability to quickly learn new concepts with guidance from senior team members
  • Ability to foster new ideas/concepts and generate synergy with the team, positive, team and mission-oriented attitude, self-motivate when given strategic goals
  • Ability to lead others and deliver results (brief leadership, customers, etc.)
  • Knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP) with the ability to emulate these TTP to assess vulnerability and risk
  • Familiarity with Advanced Persistent Threat (APT) activity; Offensive attack hacker mindset
  • Familiarity with Information Security practices
  • Comfortable executing information system penetration testing techniques and tools
  • Intelligence – indicators, contacts, information gathering, OPSEC, OSINT, etc
  • Practical experience with UNIX based and Windows operating systems
  • Incident Response – forensics and system/network integrity
  • Password cracking, encryption and algorithm analysis, etc
  • Application Analysis – Fuzzing, Reverse Engineering, Disassembling (IDA, OllyDbg)
  • Demonstrated proficiency in development of applications, custom tools, and solutions in various coding languages to include SQL, python, Django, perl, ruby, PHP, Java, etc
  • Experience with security tools such as – Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various testing tools
  • Skills in open source data collection (OSINT) and acquisition such as investigating, researching, google hacking, etc
  • Database experience – (Oracle, MSSQL, MySQL, MongoDB)
  • Certifications (CEH, CEPT, LPT, ECSA, Security+, GIAC {Web, wireless, forensics, mobile, exploit researcher})
49

Senior Penetration Tester Resume Examples & Samples

  • Serving as the Security Compliance and Testing Lead for assigned systems
  • Analyzing IC ITE software and data services for variances from IC security policies
  • 12 years or more of developing, implementing, integrating, maintaining, and evaluating security engineering and security architecture for IT enterprise architectures
  • Active Certified Information Systems Security Professional certification (CISSP)
  • Very familiar with at least one of the following: NSA, CIA, NRO, NGA, DIA, DHS, FBI or DoD information security architectures
  • Very familiar with the Federal Information Security Risk Management Framework (RMF)
  • Active Certified Ethical Hacker (CEH) certification
50

Senior Penetration Tester Resume Examples & Samples

  • Using ethical hacking techniques to discover and exploit vulnerabilities on client applications and infrastructure
  • Testing a wide range of operating systems and technologies for vulnerabilities, flaws, improper configurations, and other issues
  • Advising a wide range of clients on remediation strategies and best practice
51

IT Security Penetration Tester Resume Examples & Samples

  • Conduct formal vulnerability assessments and penetration tests of networks, systems, web-based applications, and other types of information systems on a regular basis
  • Penetration testing and code review
  • Prepares technical reports by collecting, analyzing, and summarizing information and trends Assessments and Social Engineering
  • Conduct social engineering tests (physical, phishing, pre-texting) of client environments
  • Understanding security fundamentals and common vulnerabilities
  • Network and web-related protocol knowledge
  • Demonstrate critical thinking and creative analysis techniques in distilling test results, eliminating false positives and providing actionable recommendations for mitigation
  • Evaluate/define solutions for securing wired/wireless networks, databases and applications
  • Perform analysis of client security organizations, policies and procedures
  • Execute tests independently or work as part of testing team, taking direction from team lead(s) and executing directives in a thorough and timely fashion
  • Perform testing using defined methodologies and a combination of automated and manual tools
  • Perform physical security assessments of networks and computer systems
  • Conduct regular security audits from both a logical and a technical/hands-on standpoint
  • Vulnerability assessment
  • Understanding security fundamentals and common vulnerabilities (e.g. OWASP Top Ten)
  • Experience in security engineering, system and network security, authentication and security protocols, applied cryptography, and application security
  • Scripting/programming skills (e.g., Python, Ruby, Java, JS, etc.)
  • Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Certified PEN Tester, CHFI or CEH
52

Manual Application Penetration Tester Resume Examples & Samples

  • Understanding application configuration
  • Understanding Application design-ports being used, etc
  • Ability to do at least some code review
  • Min 3 years of experience penetration/vulnerability testing for web and thick-client applications in an enterprise environment
  • 1 year of manual penetration testing
  • Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc
  • Ability to see what information is being transferred over internet connection
  • Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc
  • Full grasp and ability to articulate and/or train others on the “OWASP Top 10” and related concepts
  • Minimum 3 years of experience with programming and/or scripting in one or more of the following languages: .NET, Java, PHP, Ruby, Perl, Bash, or similar language
  • Minimum 3 years of experience with SQL, including a strong understanding of SQL syntax and the ability to perform basic management of MS SQL databases
  • Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners
  • Ability to capture and analyze network traffic at all seven layers of the OSI model, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data
  • Have a solid grasp of core security fundamentals and concepts, including knowing one’s system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc
  • Minimum 3 years of experience with enterprise-level security control implementations, including Network Intrusion Detection/Prevention (NIDS/NIPS), Corporate Antivirus, Enterprise Web Filtering, Data Loss Prevention, Insider-threat Mitigation, Botnet Detection, etc., as well as demonstrable knowledge of the principles and techniques used to bypass said controls
  • Ability to create extremely high quality written reports containing the findings from web and thick-client vulnerability assessments, as well as the ability to articulate those findings to peer technical staff as well as various levels of management
  • Preference is for candidates with two or more of the following certifications: GSEC, GWAPT, CISSP, GPEN, GXPEN, CISA, CISM, OSCP, OSCE
53

Senior Penetration Tester Resume Examples & Samples

  • Penetration testing: you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, and, in collaboration with other penetration testing and red teams around the company, demonstrate the value of an “Assume Breach” mentality
  • Emerging Threat and Vulnerability Research - You will be identify and evaluate new areas for research, perform analysis into emerging threats, including proactive security research on the technologies that Azure and our customers utilize and depend on
  • A very high level of creativity, excellent communication skills, and an ability to work independently are critical
  • Security Assessments - Parlaying research and knowledge into threat models and security assessments of Azure services, platforms and infrastructure
  • You have a goal to prioritize areas of security risk while identifying and addressing risks that affect Azure’s ability to protect, detect, investigate, and recovery from security vulnerabilities and targeted attacks
  • Tool Prototypes & development to automate penetration testing and the detection of vulnerabilities across a suite of Azure services
  • To thrive in this position, you will need a deep technical understanding of multiple classes of security defects, along with a strong development skills and an understanding of popular languages and platforms, and the ability to learn new information at a rapid pace
  • A strong track record in security consulting, penetration testing, and general hacking are critical, but the willingness and drive to improve the state of the art overall is even more important
  • Bachelors of Science, Bachelors, BA, BA CS, Computer Science, Mathematics, Engineering degree or equivalent experience
  • 10 or more years experience in a hands-on security role, with demonstrable software engineering skills and mastery of multiple classes of security defects
  • Strong coding skills in one or more popular languages and platforms, including C/C++, C#, Java, Javascript/Typescript, SQL, assembly, Ruby, Python, and others, and the ability to pick up new platforms quickly Advanced Qualifications
  • Experience in technical disciplines outside security space, including general software development, networking, database management, big data, and full-stack development is a strong plus
54

Penetration Tester Resume Examples & Samples

  • Penetration testing: you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, and, in collaboration with other penetration testing and red teams around the company, demonstrate the value of an assume breach mentality
  • Emerging Threat and Vulnerability Research - You will be expected to perform research and analysis into emerging threats which affect cloud services through collaboration and original research, including proactive security research on the technologies that Azure and our customers utilize and depend on
  • A very high level of creativity and thirst for knowledge are a must
  • Security Assessments - Parlaying research and knowledge into threat models and security assessments of Azure services, platforms and infrastructure. You have a goal to prioritize areas of security risk while identifying and addressing risks that affect Azure’s ability to protect, detect, investigate, and recovery from security vulnerabilities and targeted attacks
  • To thrive in this position, you will need a deep technical understanding of a broad technology set and the ability to learn new information at a rapid pace. Previous experience in security consulting, penetration testing, and general hacking are important, but a desire to take on big challenges and help improve the overall service engineering process is more important
  • 2-4 years’ experience in a hands-on software engineering role
  • Strong coding skills in one or more popular languages and platforms, including C/C++, C#, Java, Javascript/Typescript, SQL, assembly, Ruby, Python, and others, and the ability to pick up new platforms quickly
  • Deep knowledge of services, security and a strong engineering and development skillset
  • Understanding of security vulnerabilities and attacks and ability to apply them or find new ones based on new technology being developed
  • Expert-level knowledge in one or more classes of vulnerabilities, including cross-site scripting, buffer overflows, SQL injection, TOCTOU vulnerabilities, cryptographic weaknesses, insecure direct object references, and others
55

Penetration Tester Resume Examples & Samples

  • 3+ years of experience with performing penetration testing, including conducting network and Web-based application penetration tests, physical security assessments, logical security audits, and hands-on technical security evaluations and implementations
  • 3+ years of experience with vulnerability scanning tools, including BackTrack, nMap, Metasploit, tcpdump, Nikto, Nessus, McAfee Vulnerability Manager (MVM), HP WebInspect, QualysGuard, Redseal, AppDetective, BurpSuite, and Wireshark
  • 3+ years of experience with Linux, Windows, and network switching and routing
  • Public Trust clearance required
56

Security Penetration Tester Resume Examples & Samples

  • Performing Penetration Tests of various attack surfaces such as network, software applications, human (social engineering, trusted insider) and working with business owners to identify remediation strategies for identified issues
  • Reviewing and evaluating IT operations, physical security, hardware configurations, IT systems and operating procedures in use throughout the Humana for compliance with established controls, policies, standards and procedures
  • Identifying technology and control risks within each area
  • Providing technical consultation on Security Tools and Technical Controls
  • Recommending improvements in procedures, processes, operations and systems across Humana
  • Other special projects as necessary
  • Broad IT, IT Security and IT audit experience, preferably in a large corporate environment
  • Comprehensive background in Penetration Testing
  • One or more of the following certifications: CISSP, CISA, CISM, CEH
  • Additional technical certifications of CEH, ECSA, LPT are preferred
57

Senior Penetration Tester Resume Examples & Samples

  • Perform application penetration testing against corporate and customer software applications
  • Conduct vulnerability assessments on Internet-facing systems and internal systems
  • Document technical issues identified during security assessments and write reports
  • Follow up on implementation of corrective actions from assessments with development
  • Research security threats and attack vectors provide transfer of knowledge to business
  • Act as business level technical expert in incident response when assigned
  • Perform special security projects on an ad hoc basis
  • Prefer 5 years relevant experience and BA/BS University degree from an accredited college or university, or equivalent
  • Deep understanding of in information security and related technical aspects
  • Prefer 5 years of experience with systems development, systems administration, or network administration
  • Certifications such as CISSP, CEH, OSCP or GPEN are desired
  • Previous hands-on experience in penetration testing and vulnerability assessment preferred
  • Experience of web application testing, infrastructure testing, manual testing, code reviews
  • The candidate should have a good knowledge of Java, C, C++ and associated J2EE technologies, especially in terms of secure coding standards and be able to perform code review on the mentioned languages
  • The candidate should have hands-on experience in at least one of the following scripting languages: Perl, shell scripts, and Python. Furthermore, candidate must be able to write security tools and scripts in at least one of the mentioned languages
  • The candidate should be familiar with
  • Static code analysis
  • Web service vulnerability scanning
  • Mobile security
  • Install security
  • Schema security tests
58

Information Security Penetration Tester Resume Examples & Samples

  • Penetration Testing (main focus on Infrastructure)
  • Application Vulnerability Assessment
  • Wireless Vulnerability Assessment
  • Security Audit and Assessment
  • Support of Red Team / Blue Team functions
59

Penetration Tester Resume Examples & Samples

  • Excited to work with engineers on security features and risk mitigations
  • Passionate about keeping Apple’s customers safe
  • Curious enough to hunt for vulns through large, complex code bases
  • Obsessed with breaking software
  • Able to articulate technical details and risks to lay people
  • 5 years of relevant security experience
  • Deep linux expertise
  • Experience testing low level C components
60

Penetration Tester, Senior Remote Resume Examples & Samples

  • 8+ years of experience in a Cyber security related field
  • 4+ years of experience with executing Web application, network, and system penetration tests for clients
  • Experience with leveraging open-source penetration testing tools, including Metasploit and the Kali Linux tool set
  • Ability to assist remediation efforts for discovered vulnerabilities
  • Ability to be competent with scripting in Python or Ruby
  • Ability to mentor junior and mid-level staff by teaching the latest penetration testing techniques
  • Ability to lead organized security testing engagements with little assistance while demonstrating strong team work skills
  • Experience with Web application development, system administration, and the software or system development life cycle
  • Experience with red-teaming or covert computer network exploitation
  • Knowledge of secure coding best practices
  • Ability to craft custom exploits for proof-of-concept code
61

Penetration Tester Resume Examples & Samples

  • Experience in security with practice in penetration testing and vulnerability assessment
  • Knowledge of the UNIX or Linux operating systems, TCP/IP protocol stack, and networking tools
  • Knowledge of security tools and products, including Fortify, AppScan, Nessus, Nmap, or Netcat
  • Knowledge of penetration attack strategies for Web services, databases, and e-mail, forensics tools, and cryptography principles
  • Knowledge of Enterprise-level solution storage and databases, including relational databases, database management systems, enterprise storage systems, or security concerns for these systems
  • Ability to parse and decode various application level protocols, including XML, HTTP, and MPEG
  • DoD 8570 IAT Level II Certification, including CCNA-Security, GSEC, or CompTIA Security+
  • CompTIA's Network+, Linux+, or CASP Certification
  • GPEN: GIAC Certified Penetration Tester Certification
  • OSCP: Offensive Security Certified Professional Certification
62

Penetration Tester Resume Examples & Samples

  • Discovery: Working with the customer to take stock of system elements, including networks, applications, and mobile assets. Gather key information including registration data, operating system, patch, and service version information, and system and application configurations
  • Vulnerability Identification: Based on what we learn during the discovery phase, you will then take steps to challenge them. Using a variety of applicable tools, including in-house and commercially available programs, you will create a real-world scenario where you attempt to compromise system, application, and mobile security, gain unauthorized access to resources, or disrupt and exploit system services
  • Exploitation: As a security expert, you will exploit vulnerabilities detected during the identification stage, to determine the level of impact to the enterprise, had someone with malicious intent attempted the same action
  • Provide consulting services in the discipline of vulnerability management
  • Responsible for delivery and post-delivery support
  • Provide delivery of specific vulnerability management and penetration testing services including
  • 5+ years of experience delivering penetration testing consulting engagements
  • Red Team or Ethical Hacking experience
  • Must have the ability to travel ~50%
  • Experience delivering vulnerability management assessments and consulting
  • Must have outstanding written and verbal communication and formal presentation skills
  • Ability to work with clients effectively
  • Ability to identify further opportunities
  • Ability to continually refine the vulnerability offerings and deliverables
  • Experience with mobile application penetration testing highly desired
  • Certifications such as CEH, OSCP, CISSP
63

Penetration Tester Resume Examples & Samples

  • Contribute both on an individual assessment basis as well as a global strategic basis to raise the security posture across the organisation
  • Identify application security vulnerabilities in a range of technologies including web and mobile through a combination of security assessment techniques: manual penetration testing, code-review, SAST, DAST, IAST etc
  • Work collaboratively with development teams to proactively build security within their software delivery pipeline
  • Develop security standards and guidelines for applications and systems developed at Barclays
  • Disseminate specialist application security knowledge to both the security and development communities
  • Innovate towards the goal of establishing novel security services and the enhancement of existing services
  • Produce and develop training material for the internal community to disseminate specialist expertise
  • Strong web application testing/penetration testing/code-review experience
  • Thorough knowledge of application security assessment techniques and their relative merits, including: SAST, DAST, IAST and manual assessment
  • Understanding of Application security issues, coding standards, and an ability to articulate them to developers and project managers
  • Understanding of the security mechanisms associated with Applications, operating systems, networks and databases
  • Awareness of emerging Application Security technologies
  • Knowledge of programming languages such as: Java(J2EE/Android), C#.NET, C/++/JNI, Objective C
  • Experience working with web and mobile development projects as a developer or security subject matter expert
  • Wider SDL activities such as threat modelling and design review
  • Familiarity with web application multi-tier architectures and operation
  • Working knowledge of cryptographic concepts and familiarity with best practice application within a development environment
  • Physical security knowledge and experience is considered benefitial but not required
64

Penetration Tester Resume Examples & Samples

  • Contribute both on an individual application basis as well as a global strategic basis to raise the application security posture across the organisation
  • Develop security standards and guidelines for applications developed at Barclays
  • Innovate towards the goal of establishing novel application security services and the enhancement of existing services
  • Produce and develop training material for the internal community to disseminate specialise expertise
  • Conduct periodic webinar sessions with the internal community to educate on the subject of general security
  • Understanding of Application security issues, coding standards, strong communication skills and ability to articulate them to developers and project managers
  • Knowledge of multiple programming languages: Java(J2EE/Android), C#.NET, C/++/JNI, Objective C
65

Senior Penetration Tester Resume Examples & Samples

  • Undergraduate degree or equivalent. 4+ years of applied technical experience
  • Certification(s) in penetration testing or ethical hacking such as GPEN, CWAPT, OSCP or equivalent experience employed specifically in this capacity
  • Experience & awareness of a broad set of industry security specifications, standards & regulations such as (but not exhaustive): PCI, SOX, ISO-27001/2, PIPEDA, Canadian financial regulation
  • CISSP or equivalent general security certification
  • General network technical certifications (e.g. CCNA, CCNP) desirable
  • Works with minimal supervision, while monitoring and executing a number of time critical actions
  • Demonstrable experience in PEN tools such as metasploit (and prepared to discuss relative merits of various tools)
  • Proven ability to analyze and solve a wide range of technical problems
  • Detailed operational knowledge of systems relevant to field of work in terms of functionality and capability and/or detailed knowledge of services provided within the related field
  • Broad technical knowledge suitable to an information security professional: TCP/IP, Unix, Windows, firewall, IPS, database, web application, DDoS, malware, log analysis
  • Project and/or people management skills gained through previous experience, where appropriate
  • Moderate coding ability suitable to writing shell scripts (BASH, PowerShell, etc.) or SQL queries to simplify unexpected administrative or technical tasks
  • Resolves problems independently and/or through a support team
  • Strong & clear written, verbal & presentation skills including
66

Attack & Penetration Tester Resume Examples & Samples

  • Open Source Intelligence Gathering
  • External Network Vulnerability Assessments and Penetration Testing
  • Internal Network Vulnerability Assessments and Penetration Testing
  • Wireless LAN Vulnerability Assessments
  • Social Engineering Vulnerability Assessments
  • 7+ years’ experience in security and software engineering are a must
  • BS in Computer Science, or equivalent Security and Development experience
  • Demonstrated strong Development skills, with experience in C#, C++, ASP.NET (or other web frameworks and languages), and PowerShell
  • Proven working knowledge of information security, penetration testing techniques and security code review
  • Tested deep knowledge of services, security and a strong engineering and development skillset
  • A passion and drive for turning threat intelligence into threat emulation is a must
  • A Demonstrated deep and broad understanding of security vulnerabilities and attacks (Hardware, Firmware, Software, Network, and People) and ability to apply them or find new ones based on new technology being developed
67

Vulnerability Assessment & Penetration Tester Resume Examples & Samples

  • 1+ years of experience with Backtrack or Kali Linux
  • Knowledge of common vulnerabilities and related attack vectors, including OWASP Top 10 and CWE and SANS Top 25
  • Ability to brief technical and non-technical audiences on security threats, vulnerabilities, and risks
68

Penetration Tester Resume Examples & Samples

  • Defining, scoping testing and reporting for clients
  • Build strong working relationships with clients, explaining risks and report outcomes
  • Identify vulnerabilities and providing recommendations to mitigate future risks/and or counteractive measures
  • CREST qualified
  • Minimum of 12 months experience in a pure penetration testing role, ideally within web, applications or infrastructure
  • Current valid SC is essential
  • Experience in using a variety of network and exploiting tools
69

Penetration Tester Resume Examples & Samples

  • Experience with Penetration Testing, Mobile or Web based applications
  • Infrastructure experience, tied to the foundations of network and the correlation to servers and networks
  • 10+ years of experience in security applications and systems
  • *If you are interested in long term contract opportunities please review the brief job description below and apply by sending an updated copy of your resume andthree professional references to the email below. This consultant may be required to go full time.***
70

Penetration Tester Resume Examples & Samples

  • Demonstrated on-the-job experience with penetration testing, systems exploitation and cyber security engineering to include offensive methods and capabilities
  • At least 3 years of demonstrated on-the-job experiencing performing network security analysis
  • Six plus years of demonstrated on-the-job experience in incident response and cybersecurity, with specific knowledge pertaining to digital forensics, malware analysis, and penetration testing
  • Demonstrated on-the-job experience with various attacks used to compromise networks and hosts, as well as ways to determine the occurrence of an attack
  • Demonstrated on-the-job experience performing digital forensic analysis using EnCase, as well as using various Linux distributions for purposes of imaging and analyzing digital media
  • Demonstrated on-the-job experience performing static and dynamic binary analysis to determine if captured binaries were malicious and if signatures can be derived from the binary for future detection
  • Demonstrated on-the-job experience with methods used to perform reconnaissance against a host to look for running services, open ports, and known vulnerabilities
  • Demonstrated on-the-job metasploit experience includes exploiting discovered vulnerabilities to establish a reverse shell and persistence
71

Cyber Operator / Penetration Tester Resume Examples & Samples

  • Experience exploiting vulnerabilities in computer systems, networks, and applications
  • Experience writing scripts and exploit code
  • Experience discovering new vulnerabilities in hardware, software, and operating systems
  • Extensive technical computer/network knowledge and understanding of computer hardware, software, networks, communications, and connectivity
  • Proficiency in both Linux/Unix and Windows operating systems
  • Experience using scan/attack/assess tools and techniques, including proficiency in at least one of the following frameworks: Metasploit, Core Impact, Immunity Canvas
  • Experience conducting full-scope assessments and penetration tests including: social engineering, server and client-side attacks, protocol subversion, physical access restrictions, web application exploitation
  • Experience configuring, running, validating, and contextualizing the findings of vulnerability discovery tools such as Nessus, SAINT, NeXpose, Retina, Nipper
  • Proficiency in common programming languages such as C, C++, C#, Python, Ruby, Perl, Bourne/Bash, Powershell, Visual Basic, VBScript, PHP, Javascript, HTML
  • Demonstrated experience in technical report writing
  • Bachelors degree and 5 years of relevant experience; 3 years of relevant experience with a Masters degree
  • Technical certifications that support pen testing such as OSCP/OSCE, GPEN/GXPN
  • In depth understanding of layer 2-7 communication protocols, common encoding and encryption schemes and algorithms
  • Previous experience countering Advanced Persistent Threat (APT) type threats to large enterprises (USG or commercial), such that there is familiarity with techniques and tools employed
  • Previous software development to support penetration testing including vuln dev, tool modules, covert tunneling, scanning scripts, passive collection, etc
  • Prior experience with NGC network architecture, IT Solutions, and Information Security
  • Understanding of and experience either executing or defending against complex, targeted cyber threats to high-value systems and data
  • Familiarity with NIST Risk Management Framework
  • Familiarity with OSSTMM 3, NIST SP800-15, Penetration Testing Framework
  • Current TS/SCI w/ Poly Clearance
72

Penetration Tester Resume Examples & Samples

  • Proven expertise at advanced levels in five of the following, to include ability to combine components into a functioning multi-layer network of heterogeneous devices and applications and ability to inspect and replicate a system of such components
  • Microsoft Windows Operating System versions
  • UNIX (Solaris, HP-UX, etc.,) Operating System versions
  • Linux variant Operating System versions
  • BSD variant Operating System versions
  • C/C++ Language software development
  • Java Language software development
  • Scripting language software development
  • Database Administration and application development with Oracle, SQL Server, and/or MySQL
  • Wireless (WiFi/WiMax/Bluetooth) technology (hardware or core software)
  • Wired telephony technology (hardware or core software)
  • Mobile telephony technology (hardware or core software)
  • Ubiquitous core network device (switch/router/hub) technology (hardware or core software)
  • Advanced GIAC and/or (ISC)2 network/cyber security specialties
  • Proven ability to perform computer network vulnerability assessment and penetration testing. Understanding of risk planning and mitigation strategies. Ability to prepare and present documents and briefing materials. (Individual positions within this labor category have additional qualification and competency requirements.)
73

Senior Penetration Tester Resume Examples & Samples

  • Must have a minimum of 3 - 5 years of consulting or relevant work experience
  • Proven abilities in leading and directing teams
  • Define, maintain and execute on an account plan that is in line with our company strategy
  • Ability to effectively manage time, prioritize work, and multi-task across several project assignments
  • Ability to manage, control and report on project budget. Implement corrective action as needed to control budget
  • Ability to interact and communicate professionally with all levels of staff and management as required to coordinate project deliverables, deliver status reports, and facilitate meetings
  • Exceptional problem solving skills
  • Subject Matter Expert within the industry
  • Bachelors degree from a four-year college/university or equivalent work experience required
  • Specific industry experience relative to this role is highly desired
  • Demonstrable penetration testing skills
  • Application development background with languages such as: C, C++, C#, JAVA, J2EE, AngularJS preferred
  • Vulnerability and Risk Management experience
74

Principal, Application Penetration Tester Resume Examples & Samples

  • Build out a comprehensive testing framework which combines internal and external testing vulnerability sources, security tools and vendor capabilities
  • Collaborate with software development, system engineering and architect peers to continually improve system design, implementation and operations
  • Perform manual validation of vulnerabilities
  • Thoroughly document exploit chain/proof of concept scenarios for internal client consumption
  • A degree or certificate in management information systems, security, mathematics, computer science or related field or 2-3 years of relevant information security experience
  • Working with technical security controls
  • Programming experience in Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages
  • Experience with vulnerability and penetration testing techniques and tools
  • Desire to obtain one or more security-related certifications such as Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), GIAC Certified Incident Handler (GCEH), Offensive Security Certified Expert (OSCE), and Offensive Security Certified Professional (OSCP)
  • Microsoft technologies
  • Mobile application programming and/or security testing
  • Network implementation (operational and security)
  • Security testing tools including Metasploit, Nmap, Nessus, Burp Suite
75

Penetration Tester Resume Examples & Samples

  • 2+ years of experience with Cybersecurity
  • Knowledge of how to leverage open-source penetration testing tools, including Metasploit and the Kali Linux tool set
  • Ability to communicate effectively and professionally with clients, teammates, and senior leadership
  • Ability to operate in organized security testing engagements with little assistance while demonstrating excellent team work expertise
  • Experience executing Web application, network, and system penetration tests for customers
  • Experience with Web application development, system administration, and the software and system development life cycle
  • Ability to program and script in Python or Ruby preferred
  • CEH, Security+, or GPEN Certification
76

Cloud Security / Penetration Tester Resume Examples & Samples

  • Performs formal penetration tests on applications, networks and computer systems
  • Researches, document and discuss cybersecurity findings with management, DevOps and IT teams
  • Works on improvements for cybersecurity services, including the continuous enhancement of existing methodology and used tools/environment
  • Recognizes security deficiencies in the product(s)/component(s)/service(s) in the area of responsibility
  • Carries out security assessments (e.g. Threat Modeling) to reveal architectural security issues and assists the team to reach a secure design
  • Works on architectural concepts for hardening our components, services and infrastructure
  • Reviews code scan findings to find patterns, and work out guidelines for resolution
  • Takes immediate countermeasures to address security issues
  • Implements checks to ensure secure operations of service(s) in the area of responsibility
  • Provides feedback and verification as an DevOps fixes security issues
  • Professional experience in DAST/IAST tools and web debugging tools e.g. Burp, Zap, ….)
  • Experience with products for networking analyses and scanning (e.g. Nmap, Wireshark, ….)
  • Java, C, C++, C#, PHP, JavaScript
  • Experience with Unix and Unix shell commands
  • Vulnerability analysis and reverse engineering
  • Metasploit framework
  • Experience in client-server programming and Cloud environment
  • Knowledge in software security (authentication mechanisms, cryptography, security breaches…)
  • IT security knowledge (system and network security, firewalls, IPS, Proxies)
  • IT knowledge (Operating systems, networking, databases)
  • Strong reporting and written documentation experience
  • Strong decision-making and problem solving skills
  • Excellent collaboration and team and team building skills across different functional roles
  • Passionate about his/her work, self-motivated and results-oriented
  • Proficiency in spoken and written English
  • Relevant education and work experience
  • At least 3 years of experience in penetration testing and vulnerability assessment
77

Mobile Application Penetration Tester Resume Examples & Samples

  • Excellent communication skills in English (both written and oral); able to concisely communicate security risks to both technical and business audiences
  • Proven ability to build relationships with clients and stakeholder
  • Solid understanding of enterprise risk management concepts
  • Masters Degree in Engineering or Computer Science related fields a major plus
78

Penetration Tester Resume Examples & Samples

  • Should able to perform host, network, and web application penetration tests
  • Should Propose remediation strategies for remediating system vulnerabilities
  • Follow industry best practices and methodologies
  • Scripting skills (e.g., Perl, Ruby, Python, Shell scripting)
  • Knowledge of DoD networks and communications, Windows and UNIX, TCP/IP, networking, and Kali Linux
  • Knowledge of the functionality and capabilities of computer network defense technologies, including Router ACLs, firewalls, IDS/IPS, antivirus, and Web content filtering
79

Penetration Tester Resume Examples & Samples

  • Scope and execute penetration tests against a variety of technologies including web application, mobile and infrastructure
  • Work collaboratively with a variety of internal stakeholders (security consultants, project managers, service managers, development teams, technical SME’s) to deliver high quality penetration tests
  • Work within virtual teams of security and technical specialists to ensure quality delivery of leading security assurance services to our internal clients
  • Innovate towards the goal of establishing novel security assurance services and the enhancement of existing services
  • 5+ years of experience in Information Technology
  • 3+ years in Information Security Role
  • 3+ years performing security penetration testing
  • 3+ years technical experience in a highly regulated environment
  • Strong pentesting skills and experience in application and infrastructure domains at a minimum
  • Understanding of the security mechanisms associated with Applications, Operating Systems, Networks, Databases, Virtualisation and Cloud technologies
  • Programming / scripting skills
  • Wider SDL activities such as threat/attack modelling and design review
  • Physical security knowledge and experience is considered beneficial but not required
  • Experience creating innovative solutions and responding to information security incidents a strong plus
80

Penetration Tester Resume Examples & Samples

  • Lead and manage complex assessments independently or with different size teams
  • Work collaboratively with a variety of internal and external stakeholders (security consultants, project managers, service managers, development teams, technical SME’s) to deliver high quality penetration tests
  • Contribute and lead strategic team activities outside of normal BAU testing to raise the security posture across the organisation
  • Develop subject matter expertise for Barclays systems/products from security perspective
  • 8+ years of experience in Information Technology
  • 5+ years in Information Security Role
  • 5+ years performing security penetration testing
  • 5+ years technical experience in a highly regulated environment
  • Understanding of the security mechanisms associated with Applications, Operating Systems, Networks, Databases, Virtualisation and Cloud technolgies
  • Good understanding of security strategies and technologies
  • Strong knowledge of information security frameworks and standards
81

Penetration Tester Resume Examples & Samples

  • Curriculum development & Instructor
  • Possess the ability to articulate information that is relevant to the course
  • Must be capable of speaking to large and small audiences from all military, non-military organizations and chains of command
  • Must be familiar with classroom media and devices, including PowerPoint, digital projectors, etc
  • Assist in developing realistic training scenarios to replicate real-world operations based on past SOF operational experience
  • Ability to create multimedia and trans media content using popular social media capabilities
  • A minimum of 3 years of relevant experience in penetration testing, Exploitation & Vulnerability testing
  • Must have experience working in this field within the last six months; Candidate must demonstrate the ability to remain current in this field of expertise; experienced in web technologies/services; firm understanding of practices and methodologies such as SANS Critical Security Control, OWASP, OSSTMM, PTES, NIST
  • Experience with various commercial and/or government tools used to test vulnerability
  • Experience as an penetration testing (i.e., training/educational/presentation certifications from notable SM conferences or courses)
  • Must have Security certifications in one of the following GPEN, GXPN, GWAPT, GAWN, OSCE, OSCP, LPT, CEPT, CPT, CEH, ESCA, GSNA, and/or CISA
  • Preferred Information Security Certifications in one of the following, CISSP, CISM, NSA-IAM/IEM, CCISO, CAP, GSLC, GISF, and/or Security+CE
  • Preferred experience in legal/policy related to cyber analysis, research, investigation, and engagement
  • Preferred experience in project planning in a team environment
  • Must have a current SECRET security clearance with eligibility for Top Secret with SCI
  • Must have a valid state driver's license without any prior convictions for traffic violations in excess of $150 fine (Last 7 Years)
  • The ability to travel worldwide without limitations
82

IT Security Engineer Penetration Tester Resume Examples & Samples

  • Expertise and experience in performing security assessment of network devices (router, switch, firewall configuration), servers, workstations, Web applications and databases
  • Experience using vulnerability tools such as App Detective, Nessus, WebInspect, AppScan, Hailstorm, NetStumbler, NMAP, ISS, Fluke Analyzer, and Nipper
  • Expertise and experience in creating documentation such as Systems Security Plans, Contingency Plans, Test Plans, Findings Matrices and Network Diagrams
  • Knowledge of NIST and FIPS security controls
  • Expertise in conducting vulnerability testing on UNIX and Windows operating platforms
  • Experience and knowledge of Identity Management systems, Application Security, Web Application Security, SOA functions, PKI administration
  • Expertise and experience reviewing and understanding SSPs, network diagrams, SOPs, and SSDs; Virtualization, Remote Access and Secure Mobile Computing technologies
  • Possesses strong oral and written communications, client facing skills, and can articulate both written and verbally technical concepts to a variety of technical and non-technical audiences
  • Experience utilizing security tools including but not limited to; Nessus, AppDetective, NMAP, Burp Suite Prod, Weblnspect, AppScan, SOAP UI, HP WebProxy or other mature testing automation tools
  • Proficient with source code review and development
  • Experience with web, application and database vulnerability testing
  • Experience conducting manual penetration testing capabilities beyond running automated tools
  • Ability to develop custom scripts or tools for exploiting vulnerabilities
  • Ability to perform social engineering tests
  • Must be familiar with OWASP Top Ten and or any other Web Application testing framework or other best practices
  • Must be proficient in web programming languages, in addition to mobile and remote access capabilities
  • Proficient and capable of presenting all findings with 3rd party vendors and/or resources shall be able to proficiently articulate both written and verbally technical concepts to a variety of technical and non-technical audiences
  • Ability to keep current with new/cutting edge technologies, languages, tools and exploits
83

Penetration Tester Resume Examples & Samples

  • Conduct formal security tests on web-based applications, networks and other types of computer systems on a regular basis
  • Perform application and infrastructure penetration testing using both manual and automated testing Develop and contribute to existing ethical hacking methodologies and procedures
  • Support training and awareness of information security policies and procedures
  • Perform dynamic and static code analysis
  • Collaborate with other teams to develop and maintain security testing toolsets
  • Communicate technical vulnerabilities and remediation steps to developers and management
  • Support the development of secure SDLC methodologies Investigate potential vulnerabilities reported by 3rd party security researchers
  • Provide a high standard of reporting that includes KPIs (measures & measurements)
  • Communicate potential risk and risk treatment options to business owners
  • Drive solutions that are consistent with scope
  • Ability to effectively facilitate meetings with project team members, various business groups and senior leadership
  • Ability to present persuasively and effectively to executives
  • Ability to manage, control and report on project budget
  • Implement corrective action as needed to control budget
  • Ability to interact and communicate professionally with all levels of staff and management as required to coordinate project deliverables, deliver status reports, and facilitate meetings. Excellent verbal and written communication skills
  • Application development background with languages such as C, C++, C#, JAVA, J2EE, AngularJS preferred Vulnerability and Risk Management experience
  • Compliance and security framework experience, e.g., PCI, SOX, NIST, ISO
  • Experience with automated tools, e.g., Appscan, Fortify, Appscan Source, Burp Suite, Qualys, Nessus, Kali Linux
  • Available to work after normal business hours
  • Ability to follow established policies and procedures
84

Cbest Penetration Tester Resume Examples & Samples

  • Part of a Cyber Threat Management testing team, working independently and collectively on projects, liaising with other testers, clients and others where necessary
  • Apply testing methodologies to find vulnerabilities in a range of systems, including web applications, network infrastructure and mobile applications
  • Write reports and technical documentation to a client-presentable standard
  • Developing skills and knowledge in new areas of technical information security, and progress towards industry qualifications such as CREST
  • Help improve the methodologies, tools and processes used by EY every day
  • Manage client engagements and internal projects including the monitoring and management of client engagement budgets
  • Work effectively as a team member sharing responsibility, providing support, maintaining communication, and updating senior team members on progress
  • Develop and maintain productive working relationships with client personnel
  • Build strong internal relationships within Advisory and across other services
  • Identify and escalate potential business opportunities for EY
  • Manage, coach and support associate team members on your assignments
  • Maintain technical certifications and contribute to industry bodies as appropriate
  • Vulnerability research, penetration testing, or related fields
  • Experience within the Financial Services industry and a good understanding of technology landscape
  • Appropriate qualifications or equivalency i.e. CSAM, CSAS or OSCP and CRT equivalency
  • Technical knowledge and experience in all or some of the following
85

Penetration Tester Resume Examples & Samples

  • Operating System Experience: Windows, Linux, UNIX, REMnux, GNU Linux, Kali-Linux
  • Tools: OllyDB (OllyDbg, OllyDump, Olly Advanced), IDA Pro, LordPE,
  • Scripting: Powershell, VBA, Javascript, Perl
86

Penetration Tester Resume Examples & Samples

  • Expert level knowledge in penetration testing methodology
  • Excellent problem solving, decision-making, and investigative skills
  • Experienced in establishing and maintaining effective working relationships with employees and clients
  • Proficiency in time management, project management, presentation, and organizational skills
  • Working knowledge of security and network technologies, ability to interpret vulnerabilities, exploit and pivot through application and network environments
  • Previous auditing/consulting and/or penetration testing experience
  • Familiarity with multi-platform environments and their operational/security considerations
  • Excel as both a self-directed individual and member of a larger team
87

Security Penetration Tester With English Resume Examples & Samples

  • Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our global clients
  • Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
  • Vulnerability and threat management experience
  • Good understanding of the components of a secure DLC/SDLC
  • Understanding of cryptography principles and PKI
88

Junior Security Penetration Tester With English Resume Examples & Samples

  • Review and define requirements for information security solutions
  • Bachelor degree or higher, technical discipline preferred
  • Interest in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)
  • Good knowledge of security principles, techniques and technologies
  • Strong analytical skills and efficient problem solving
  • Good English communication skills (written and oral)
  • Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE
  • Experience with various security tools and products (Fortify, AppScan, etc…)
  • Vulnerability analysis and application reversing skills
89

Cyber Penetration Tester Resume Examples & Samples

  • Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Provides technical support in the development, testing and operation of firewalls, intrusion detection systems, enterprise anti-virus and software deployment tools
  • Conducts complex security architecture analysis to evaluate and mitigate issues. Develops policies and procedures for securing the system infrastructure and applications
  • Develops complex technical and programmatic assessments, evaluates engineering and integration initiatives and provides complex technical support to assess security policies, standards and guidelines. Develops, implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications
  • Performs highly complex product evaluations, recommends and implements products/services for network security. Validates and tests complex security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies
  • Identifies and oversees the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security
  • Provides complex technical oversight and enforcement of security directives, orders, standards, plans and procedures at server sites. Develops manuals and ensures system support personnel receive/maintain security awareness and training
  • Assesses the impact on the business unit/customer caused by theft, destruction, alteration or denial of access to information and reports to senior management
  • Bachelor's degree in computer science or related field preferred
  • Nine or more years of experience in network, host, data and/or application security in multiple operating system environments
  • Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
  • Experience working with internet, web, application and network security techniques
  • Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
  • Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
  • Experience working with federal regulations related to information security (FISMA, Computer security Act, etc.)
  • Experience working with NIST Special Publications and C & A process methodology
  • Possess security certifications (CISSP, CCNA, etc)
  • Active TS/SCI w/ Poly Security Clearance
  • Strong analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
  • Ability to perform and interpret vulnerability assessments
  • Ability to administer the operations of a security infrastructure
  • Ability to balance and prioritize work
90

Security Penetration Tester Resume Examples & Samples

  • Passion for identifying security weaknesses across a variety computer systems
  • Analyze security test resul