Penetration Tester Job Description Template
Our company is looking for a Penetration Tester to join our team.
Responsibilities:
- Fundamental understanding of scripting languages to include the following – python, powershell, ruby, perl;
- Understand the basics of penetration testing – network, web application, application/code review;
- Ability to ask questions and gain further knowledge of problems that may arise during engagements;
- Familiarity with the command line interface of multiple operating systems – Windows, macOS, Linux, etc;
- Ability to work socially and efficiently in a team environment and receive direction from the senior members;
- Moderate experience with penetration testing tools – Metasploit, Nikto, SQLMAP, Responder, Nessus, netcat, etc;
- Fundamental understanding of “coding languages” – C++, C#, PHP, AJAX, HTML, etc;
- Demonstrate understanding of the penetration testing methodology laid out by the following standards PTES, OSSTMM, NIST, OWASP, et al;
- Escalate issues to vendors, security team, and engineering through standard escalation processes;
- Integrates information security controls into an environment to identify risks and reduce impact;
- Participate in or work directly on, additional projects, assignments or initiatives as required;
- Communicates information security procedures to the business;
- Discovers and exploits vulnerabilities affecting Dell infrastructure;
- Develops and maintain tools to assist in vulnerability research and exploit development.
Requirements:
- Understanding of penetration testing tools and techniques (Kali, Backtrack, Metasploit);
- Working knowledge of Windows/Unix systems administration and security vulnerabilities;
- Deep knowledge of network protocols (IPV6, DNS, HTTP, etc) and accompanying tools (Wireshark, TCPDump, etc);
- US Citizen;
- 3+ years direct or equivalent experience in areas of penetration testing, exploit development, vulnerability research and fuzzing;
- Experienced programming using x86/x64 assembly C, C++, and Python (or a comparable scripting language);
- In-depth knowledge and experience with Windows Operating Systems Internals (Kernel, Registry, File system, Windows APIs);
- Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra, John);
- Have published security research or security bug;
- Possesses excellent English communication skills (both written and verbal);
- Demonstrated real world experience performing grey and black box penetration testing;
- 5+ years of experience in Information Security;
- Familiar with the Metasploit framework;
- Bachelor’s Degree in related field;
- Candidates possessing the following will be given preferential consideration.