Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
As a penetration tester, you’ll understand complex web and mobile applications and technical cyber security terms. You’ll need to do:
- Work with clients to determine their requirements from the test, for example, the number and type of applications they would like testing
- Plan and create penetration methods, scripts, and tests
- Carry out remote testing of network testing infrastructure to expose weaknesses in security
- Simulate security breaches to test applications relative to security
- Create reports and recommendations from your findings, including the security issues uncovered and the level of risk.
- As well as identifying problems, you may also provide advice on how to minimize risks and provide advice on methods to fix or lower security risks to systems
- Present your findings, risk, and conclusions to management and other relevant parties
- Consider the impact your ‘attack’ will have on the business and its users
- Understand how the flaws that you identify could affect a business, or business function, if they’re not fixed
Job Requirements
- An In-depth understanding of web and mobile applications and their operation
- Excellent spoken and written communication to explain your methods to a technical and non-technical audience
- Attention to detail, to be able to plan and execute tests while considering client requirements
- The ability to think creatively and strategically to penetrate security systems
- Good time management and organizational skills to meet client deadlines
- Ethical integrity to be trusted with a high level of confidential information
- The ability to think laterally and ‘outside the box
- Teamwork skills, to support colleagues and share techniques
- Exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done
- Business skills to understand the implications of any weaknesses you find
- Commitment to continuously update your technical knowledge base