As a Junior Penetration Tester in our cybersecurity team, responsible for ensuring the security of our organization's networks, systems, and applications. You will work closely with senior penetration testers and other security professionals to conduct assessments, identify vulnerabilities, and recommend remediation measures. Your primary focus will be on assessing and improving the security posture of our internal infrastructure.

• Conduct network, system, and application penetration tests on our internal infrastructure to identify security vulnerabilities and weaknesses.

• Use industry-standard methodologies, tools, and techniques to simulate real-world attack scenarios

• Perform reconnaissance, vulnerability scanning, and manual testing to discover potential weaknesses in target systems

• Analyze the results of penetration tests and vulnerability scans to identify security weaknesses

• Prioritize and document identified vulnerabilities based on their severity and potential impact

• Collaborate with team members to ensure accurate reporting and effective communication of findings

• Assist in developing and implementing strategies to remediate identified vulnerabilities and weaknesses

• Work closely with system administrators and developers to guide them in resolving security issues

• Conduct follow-up assessments to validate the effectiveness of remediation efforts

• Maintain accurate documentation of testing methodologies, tools, and processes

• Collaborate with senior penetration testers and security professionals to enhance your skills and knowledge

• Stay updated with the latest security threats, vulnerabilities, and industry best practices

• Participate in knowledge-sharing sessions and contribute to the continuous improvement of the organization's security practices

• Bachelor's degree in Computer Science, Computer Technology, Cybersecurity, Information Technology, or a related field.

• Experiences in penetration testing, whether professional job, bug bounty, or capture the flag experiences. Legally, of course.

• Think critically about complex problems and situations

• Go beyond automated and "push-button" attack tools and utilities.

• Creative, out-of-the-box thinker who can leverage various domains of knowledge to create uniquely tailored tests and solutions for complex problems.

• You’re curious by nature, intrigued by how things work, and have an appetite to find weaknesses in their design and implementation.

• A desire to stay current with the latest technologies, attacks, and hardening strategies. You’re a regular online reader of blogs and social media for the latest in security, enjoy good conference talks, and/or contribute to interesting projects.

•  

• Driven personality, with a desire to continuously improve, put in the hours, and deliver. You take pride in your work, and you want it to be the best you can do.

• Highly organized and detail-oriented with the ability to independently prioritize multiple projects while still balancing personal goals. You recognize when you need help, and aren’t afraid to ask for it.

• Have a strong ethical compass and an understanding of ethics in business and information security. You’ll respect scope limitations, clean up after your attacks, and never access or retain data that isn’t pertinent to the testing.

• Extensively used open source penetration testing tools and frameworks, such as (but not limited to) Metasploit, Burp, Nmap, Nessus etc.