Senior Penetration Testing Engineer

Senior Penetration Testing Engineer Job Description Template

Our company is looking for a Senior Penetration Testing Engineer to join our team.

Responsibilities:

  • Outline and document risk impacts in executive summary reports and communications to relevant stakeholders;
  • Develop and maintain penetration testing procedures and methodologies;
  • Perform research to stay current with penetration testing tools, methodologies, tactics, and mitigations;
  • Expert knowledge of common vulnerabilities, exploits, and attacks used during a penetration test;
  • Excellent written and verbal communication and organizational skills;
  • Ability to scope and perform segmentation testing, as defined in the PCI-DSS, in order to validate our scope reduction;
  • Strong understanding of Payment Card Industry knowledge and penetration testing concepts;
  • Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff;
  • Strong application/product/software security background is a plus;
  • Ability to succeed through collaboration and working through internal and external organizations and individuals;
  • Knowledge of web application design & implementation concepts to include supporting systems;
  • Threat modeling, adversary emulation, or long duration Red Team exercises is a plus;
  • Prior DevOps or continuous delivery and deployment experience preferred;
  • Ability to manage and run penetration testing engagement on your own;
  • At least 3 years of recent experience focused on Penetration Testing.

Requirements:

  • Creative problem solving and analytical thinking;
  • Interpersonal and conflict resolution skills;
  • Flexible and responsive to changing situations; adaptable to changing requirements;
  • Demonstrated ability to anticipate and manage change in a highly dynamic environment;
  • Have desire to create a Pen Testing Program;
  • 3+ years of experience in penetration testing/Red Team and security code review experience ;
  • Extensive skills in providing written and verbal presentations;
  • Technical writing skills;
  • Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff;
  • Strong application/product/software security background is a plus;
  • Knowledge of web application design & implementation concepts to include supporting systems;
  • Threat modeling, adversary emulation, or long duration Red Team exercises is a plus;
  • At least 3 years of recent experience focused on Penetration Testing;
  • Customer service-oriented capabilities;
  • Ability to manage and run penetration testing engagement on your own.