Cybersecurity Pentester

We are seeking a Cybersecurity Pentester/ Senior Pentester to support our Cybersecurity Consulting practice. This position assists Consultants in planning and executing IT / OT security assessment engagements and red / purple teaming operations for our rapidly expanding client portfolio.

• Support Seniors and Consultants with remote / onsite assessments, such as red teaming and/or purple teaming operations, web /mobile application penetration tests, vulnerability assessments, launch phishing campaigns and configuration review engagements
• Ability to minimally conduct blackbox and greybox tests and eventually whitebox testing
• Basic project management and manage client relationships on expectations with effective communication
• Coordinate day-to-day operations with Seniors, Consultants and clients (i.e. schedule and lead meetings; create agendas; develop document request lists; document walkthrough narratives, control designs and tests of operating effectiveness)
• Conduct peer-reviews of the projects in-scope
• Assist Senior Consultants with the preparation and review of draft reports
• Assist with audit quality and assurance procedures
• Utilise base knowledge of information security systems, risks and controls
• Perform other administrative duties and assist with internal initiatives as assigned

• Bachelor’s degree from an accredited university in IT, computing/forensics, accounting, data analytics or a related field
• One to two (1-2) years of experience in information security, IT security testing or a related field preferred
• Focused experience with OWASP Top 10, OSSTMM, MITRE ATT&CK Framework preferred
• Ideally, working knowledge and technical experience with Windows OS, Linux, AWS, GCP, Azure, and SQL Server.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements
• Familiarity with tools, such as Cobalt Strike, Kali Linux, Burpsuite, Slack, Discord
• Excellent interpersonal, written and verbal communication skills
• Exemplary time-management skills with the ability to juggle multiple projects and priorities
• Self-starter with a solution-oriented mindset and the ability to thrive in a fast-paced environment, at times with well-defined goals, but limited formal procedures/structure
• Must be a team player, passionate about the security testing, and have an innovative mindset
• Working toward or already have certifications, such as CREST CRT, OSEP, OSCE/3, OSWE, OSED, OSWP, OSCP and others related to information security testing and red teaming operations.