Senior Penetration Testing Engineer Job Description Template
Our company is looking for a Senior Penetration Testing Engineer to join our team.
Responsibilities:
- Outline and document risk impacts in executive summary reports and communications to relevant stakeholders;
- Develop and maintain penetration testing procedures and methodologies;
- Perform research to stay current with penetration testing tools, methodologies, tactics, and mitigations;
- Expert knowledge of common vulnerabilities, exploits, and attacks used during a penetration test;
- Excellent written and verbal communication and organizational skills;
- Ability to scope and perform segmentation testing, as defined in the PCI-DSS, in order to validate our scope reduction;
- Strong understanding of Payment Card Industry knowledge and penetration testing concepts;
- Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff;
- Strong application/product/software security background is a plus;
- Ability to succeed through collaboration and working through internal and external organizations and individuals;
- Knowledge of web application design & implementation concepts to include supporting systems;
- Threat modeling, adversary emulation, or long duration Red Team exercises is a plus;
- Prior DevOps or continuous delivery and deployment experience preferred;
- Ability to manage and run penetration testing engagement on your own;
- At least 3 years of recent experience focused on Penetration Testing.
Requirements:
- Creative problem solving and analytical thinking;
- Interpersonal and conflict resolution skills;
- Flexible and responsive to changing situations; adaptable to changing requirements;
- Demonstrated ability to anticipate and manage change in a highly dynamic environment;
- Have desire to create a Pen Testing Program;
- 3+ years of experience in penetration testing/Red Team and security code review experience ;
- Extensive skills in providing written and verbal presentations;
- Technical writing skills;
- Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff;
- Strong application/product/software security background is a plus;
- Knowledge of web application design & implementation concepts to include supporting systems;
- Threat modeling, adversary emulation, or long duration Red Team exercises is a plus;
- At least 3 years of recent experience focused on Penetration Testing;
- Customer service-oriented capabilities;
- Ability to manage and run penetration testing engagement on your own.