29 August, 2012

Penetration Testers

Penetration Testers

We urgently require experienced penetration testers who can prove to us that they have the knowledge, experience and skills to test our clients networks.
You must know about probing firewalls, wi-fi connections, servers (Unix and Windows) and not only understand how to breach any existing security, but also how to secure it. Experience of remote penetration as well as attempts through war-driving are all useful.
We don’t look for formal qualifications or big company names on your CV. We want people who know their stuff and can do the job.
 
Job Description:
The Ethical Hacker / Penetration Tester will be working individually and in teams mostly in a virtual capacity. This individual will be performing penetration testing or vulnerability assessment of web application, network, wireless, code review and firewall on multi-protocol enterprise systems.
 
Technical Skills:
·        Strong web application and / or penetration testing experience is a requirement
·        Experience in vulnerability identification and remediation
·        Excellent knowledge of multiple Operating Systems: Windows, Linux, Solaris, OS X, etc.
·        Experience performing different types of security testing such as network penetration testing, wireless testing, code reviews, wireless and/or firewall assessments
·        In depth knowledge of HTTP proxying tools such as Burp, WebScarab, Charles, Fiddler, etc.
·        Familiarity with Web technologies such as XML, SOAP, AJAX
·        Familiarity with web Server and Application Software: IIS, Apache, WebLogic, WebSphere, Tomcat, etc.
·        Experience with any of the following commercial application scanning tools such as IBM’s AppScan, HP’s WebInspect, NTOSpider, Cenzic’s Hailstorm, Application Security Inc.’s AppDetective
·        Experience with vulnerability scanning tools such as Tenable’s Nessus
·        Experience with open source software such as nmap, netcat, nikto, tcpdump, openssh, openssl, openvpn
·        Practical programming knowledge (C/C++, Perl, Python, Ruby, etc.) for potential tool and exploit development
·        Technical knowledge in network security products, cryptographic suites and network / applications firewalls are a plus
·        Experience with mobile application and operating system testing are a bonus
·        Training of client staff

Do you think you fit the spec? Then please contact us in the first instance through our contact page.