Senior Penetration Tester (Only W2)

Career Opportunity: Job Title: Senior Penetration Tester (Only W2) About CodeForce 360 Making a career choice is amongst the most critical choices one can make, and it's important for the choice to be calculated with factors such as a company's run of success since its inception and more. But, when you come across a company that has reputation proven with nothing but an illustrious run of success since the day it began, you don't need to think of anything else. That's precisely what some of our employees and prospective employees think when they came across CodeForce 360. Position Overview Senior Penetration Tester (Only W2) Requirements: Key Accountabilities (please indicate if these are direct or indirect accountabilities):

• Scope penetration tests with project teams
• Conduct penetration testing activities against IT systems and applications
• Liaise with Security Architects and Project teams to articulate findings and drive remediation
• Analyse or produce high quality penetration test reports and draft remediation plans
• Build / maintain penetration testing environments
• Maintain technical documentation; e.g. methodologies, technical guides, and reporting standards
• Mentor junior tester, developing their penetration testing experience

• 3 - 5 years experience in a Penetration Testing position
• Strong understanding of:
• Penetration testing process and deliverables
• Web Application / API penetration testing methodology
• Common application vulnerabilities such as those included within the OWASP Top 10 and ASVS checklist
• Experience with using common web/API application penetration testing tools such as Burp Suite Professional
• Demonstrable knowledge of additional tooling utilised for all stages of the web/API testing methodology
• Strong stakeholder management and written/oral communication skills, with the ability to communicate at a technical and business user leve
• High reporting standards and strong attention to detail, able to review and QA work of peers

• Experience in application development
• Actively involved in the security community; developing open-source tools, contributing to security blogs, or participating in CTF competitions
• Able to work in both waterfall and agile software delivery project
• Experience working in a Critical National Infrastructure environment, or similarly regulated industry
• Good understanding of the Energy industry and Industrial Control Systems
• Computer Science, Mathematics, Engineering, or Security related degree (or higher)