Web Application Penetration Tester

Responsibilities:

• Conduct thorough penetration testing across a variety of web applications examining both clientside and serverside aspects. This includes an indepth analysis of application structures server setups databases and identifying business and logic flaws to detect security vulnerabilities.
• Employ sophisticated techniques and adopt an adversarys mindset to uncover and exploit vulnerabilities highlighting the potential impact to emphasize the need and urgency for remediation. This includes the development of custom payloads and leveraging known exploits.
• Develop and communicate effective remediation strategies for mitigating identified vulnerabilities ensuring clear guidance is provided to the development teams involved

Requirements:

• A minimum of two years of experience in the field of web penetration testing

Qualifications and Certifications:

• Degree or industryrecognized certifications focused on practical skills such as BSCP OSWE OSWA HTBCWEE or HTBCBBH serve as substantial evidence of practical knowledge and expertise in penetration testing demonstrating a commitment to and proficiency in the field.
• Expertise in Web Pentesting: Comprehensive knowledge of web application vulnerabilities to exploit security gaps/ vulnerabolities on endpoint applicaitons. A solid understanding of OWASP/OSWAP API standards and proficiency in manual testing methodologies is a must
• Programming Skills: Proficiency in at least one programming language (e.g. Python Java PHP JavaScript) to support effective testing and exploitation methodologies
• Bug Bounty Recognition: Achievements in bug bounty programs indicating practical experience in identifying and reporting security vulnerabilities are considered an advantage.
• Cloud and Container Security: Experience with security assessments of cloudbased applications and services (e.g. AWS Azure) and familiarity with the security considerations for containerized deployments are desirable

Remote Work :

No