Position Overview
This role focuses on expertise in various areas of penetration testing, including Application, Thick Client, Web Application, Mobile Application (iOS and Android), Medical IoT devices, fuzz testing, Open-Source Intelligence, and Physical Security Testing.
Responsibilities:
- Perform vulnerability scans, fuzz testing, penetration testing, security code reviews, and reverse engineering on medical devices.
- Conduct IoT, application (mobile, MIoT, PC), network, systems, and infrastructure penetration tests across diverse platforms in the medical industry.
- Identify vulnerabilities and exploit methods through targeted testing activities.
- Review threat models and perform security risk assessments of medical products.
- Enhance understanding of adversarial tactics, techniques, and procedures (TTPs) related to medical devices and applications.
- Support vulnerability assessments of medical devices and health software assets through penetration tests and policy development.
- Apply technical expertise to resolve cybersecurity challenges.
- Stay updated on security tools, threats, and technologies.
- Develop and improve testing tools, templates, and methodologies.
- Interpret vulnerabilities, identify weaknesses, and escalate access as appropriate.
Qualifications:
- Higher degree in Information Security, Computer Science, Software or Electrical Engineering, or equivalent experience.
- Several years of professional experience in IoT penetration testing and fuzz testing, preferably in the medical sector.
- Knowledge of operating system security, mobile OS, embedded systems, communication protocols (Bluetooth, Wi-Fi), medical protocols (DICOM), threat modeling, and security testing tools.
- Programming skills in Python, C/C++, C#, or similar for code review and automation.
- Strong technical expertise, effective communication skills, and good time management.
- Experience with open-source and commercial penetration testing tools in enterprise environments.
- Proficiency with Windows, Unix/Linux, and mobile OS platforms.
- Understanding of OWASP Top 10, OSSTMM, PTES, NIST standards, and ability to communicate findings clearly.
- Willingness to work flexible hours and travel as needed; ability to thrive in a fast-paced environment.