Senior Penetration Tester
Apply on
Availability Status
This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.
Job Title: Senior Penetration Tester
Role Overview: We are looking for a Senior Penetration Tester to lead and execute a
thorough vulnerability assessment and penetration testing program. This role requires
expertise in performing regular and ad-hoc penetration tests, especially in cloud
environments, to ensure that security controls are robust and compliant. Proficiency in
Ruby and Ruby on Rails, along with a solid background in cloud security, particularly
within AWS, is essential.
Technical Skills:
Programming Languages:
o Advanced skills in Python, Ruby, Perl, C, and C++.
o Expertise in scripting languages such as Bash, PowerShell, and
JavaScript.
Operating Systems:
o Deep understanding of Windows, Linux, and Unix systems.
Network Protocols:
o Extensive knowledge of TCP/IP, UDP, DNS, HTTP/S, FTP, SMTP, and
other networking protocols.
Penetration Testing Tools:
o Proficient with tools such as Metasploit, Burp Suite, Nmap, Wireshark,
Nessus, and OpenVAS.
Exploitation Techniques:
o Expertise in identifying and exploiting vulnerabilities like SQL injection,
XSS, CSRF, and buffer overflows.
o Familiarity with advanced exploitation and post-exploitation techniques.
Cloud Security:
o Proficient in AWS cloud security practices and tools, including Amazon
Cognito, AWS Security Hub, GuardDuty, and Amazon Inspector.
o Knowledgeable in cloud-specific security tools and penetration testing
methodologies.
Web Application Security:
o In-depth understanding of OWASP Top Ten vulnerabilities and web
application security testing methodologies.
o Experience in assessing web applications and APIs for security
weaknesses.
Experience & Qualifications:
Professional Experience:
o Minimum of 5 years in IT security, focusing on designing and implementing
security architectures for cloud environments.
o Proficiency with AWS Cloud Platform and an understanding of best
practices in cloud security.
Security Technologies:
o Experience with security tools and technologies including firewalls, VPNs,
IDS/IPS, WAFs, SIEM, and endpoint security solutions.
o Knowledge of encryption tools and AWS security services such as
Amazon Cognito, AWS Security Hub, GuardDuty, and Amazon Inspector.
Compliance & Standards:
o Familiarity with industry standards and regulations such as NIST, HIPAA,
and SOC 2.
o Experience in conducting security assessments and audits.
Skills:
o Strong problem-solving capabilities with the ability to convey complex
security concepts to non-technical stakeholders.
o Effective collaboration with cross-functional teams to address security
issues and improve overall security posture.
Key Responsibilities:
Cloud Security Operations:
o Deploy and maintain AWS cloud security controls to ensure the secure
operation of cloud environments.
o Manage container-based deployment models, including source-to-image
and image-stream containers, and oversee automated CI pipeline
management.
o Implement and manage automated security scans during container image
builds.
Cloud Orchestration & Networking:
o Oversee security in multiple container-based orchestration frameworks.
o Apply business security rules through automated "operator agents" and
ensure secure container networking, including TLS-based communication.
o Maintain visibility of clusters with dashboards and automatic graphing of
network communication patterns.
Disaster Recovery & Security Monitoring:
o Support disaster recovery efforts across different cloud regions with
defined recovery time objectives (RTO) and recovery point objectives
(RPO).
o Manage centralized log monitoring and analysis, collaborating with IT and
privacy teams for incident response.
o Provide detailed monitoring to identify potential vulnerabilities and ensure
continuous security.
Security Audits & Compliance:
o Conduct regular penetration tests and vulnerability assessments to ensure
adherence to industry standards.
o Work with development teams to address identified vulnerabilities and
ensure ongoing compliance with relevant regulations.
Location: [Insert Company Address]
Apply Now: If you are an experienced penetration tester with expertise in cloud security
and a strong background in Ruby on Rails, we invite you to apply. Join our team and
play a key role in enhancing our security measures and protecting our cloud
infrastructure.
Mail id: