Senior Penetration Tester

QUALIFICATIONS AND EDUCATION REQUIREMENTS

• Regarding academic requirements, there are none. As long as you can read, write, code and hack things, you’re most welcome to apply.
• Typically 2-3 years of experience in pentesting and red-teaming. However, if you don’t have enough experience, but you think you can match up to the experienced guys, feel free to apply.
• You must have an atypical mind, where you always think out-of-the-box. Old traditional thinking is boring.
• You must be always following latest security news concerning data breaches, exploits and malware.
• You must be a good communicator and with above average English skills (written and spoken).
• You must be flexible when it comes to job responsibilities. Duties could sometimes require you to
• Improvise and adapt to new situations.

PREFERRED SKILLS

• Deep understanding of security testing frameworks and tools.
• Good coding skills, in both interpreted and compiled languages.
• Good in-depth knowledge of networking and Operating systems.
• Proficiency in Linux.
• Deep knowledge of OWASP TOP 10 vulnerabilities and especially the top 5. Memorizing them is not enough.
• Good knowledge of RCE vulnerabilities and how to find, exploit and remediate them.
• Familiarity with business logic bugs and how to find, exploit and remediate them.
• Ability to construct a well-written penetration testing report to be presented to stakeholders.
• Ability to understand and write shellcode for Linux and Windows. This naturally implies good knowledge of binary exploitation and x86 assembly.
• Familiarity with network attacks on different layers.
• Ability to automate the pentesting process using either automated tools or custom-made scripts.

RECOMMENDED CERTIFICATES

• OFFENSIVE SECURITY (OSCE, OSEE)
• GIAC (GXPN, GWAPT)
• PTP, WAPT

MANDATORY CERTIFICATES (IF ANY)

• OSCP