Blue Mantis · 6 hours ago
Penetration Tester
Maximize your interview chances
Data CenterInformation Technology
Growth Opportunities
Insider Connection @Blue Mantis
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Advanced Penetration Testing: Dive deep into clients' systems, networks, cloud security, and applications utilizing powerful tools such as Burp Suite, Metasploit, Nmap, and Wireshark. Employ Python, Ruby, C#, and PowerShell scripting to manipulate vulnerabilities, demonstrating potential exploits.
Strategic Attack Simulation: Analyze the intricate attack surface of clients, crafting bespoke penetration strategies. Employ OSINT techniques to maximize attack vectors, simulating real-world cyber threats.
Precise Vulnerability Unveiling: Employ manual finesse and automated tools to uncover hidden risks. Expertly detect web application vulnerabilities like SQL injection and cross-site scripting (XSS), and exploit security misconfigurations.
Detailed Exploitation Reporting: Craft comprehensive reports outlining identified vulnerabilities, potential exploitation paths, and recommended mitigation strategies.
Describe advanced Active Directory exploit paths and complex web application attack vectors with precision.
Technical Insight Communication: Translate technical findings into actionable insights. Explain complex exploitation scenarios and potential impacts, enabling clients to enhance their security posture. Discuss sophisticated Active Directory, Cloud, and web app vulnerabilities in clear terms.
Remediation Guidance and Implementation: Transfer recommendations from assessments into actional plans and assist with remediation efforts.
Cutting-Edge Skill Refinement: Keep up to date with evolving security threats, emerging vulnerabilities, industry best practices and Zero Trust architecture.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
3-5+ years of hands-on security experience within IT environments.
3 + years of experience performing Penetration Tests, Ethical Hacking, and Vulnerability assessments.
3+ years of cloud (AWS and Azure) Penetration Testing with IaaS, Application Security, and Cloud Control Plane.
CISSP Certified or CISSP exam/study is currently in progress to be acquired within 3 months.
Bachelor’s degree in Computer Science, Information Security or a related field.
1 of the following Certifications: OSCP, GPEN, GWATP, or OSWA certified.
1 AWS Security Certification or to be completed within 6 months. AWS Cloud Engineer or Cloud Security Architect.
Ethical Integrity: Uphold ethical standards, ensuring engagements and client interactions are conducted with the utmost integrity.
Maintain strict confidentiality, showcasing the company's dedication to ethical excellence.
Preferred
Methodology Advancements: Drive the progression of penetration testing methodologies. Contribute to refining tools like Burp Suite and developing new techniques, elevating the art of ethical hacking and red teaming.
Knowledge Sharing: Guide junior team members, imparting expertise in AD, SQL, and web app exploits. Enhance team growth through workshops and hands-on mentoring, elevating overall technical proficiency.
Company
Blue Mantis
Blue Mantis (fka GreenPages) provides digital technology services and strategic guidance to help clients modernize their businesses with next-generation technologies.