Penetration Tester

VDart Inc is the leading global provider of digital solutions, products and talent management company providing digital technology solutions in Automotive, Manufacturing, Energy & Utilities and Healthcare Industries. Led by a strong global team located across 10 countries including USA, Canada, Mexico, Brazil, UK, Japan, Australia & India. We are currently accepting applications from staffing firms for our Preferred Partner Program, where we align niche staffing firms with specific verticals based on their strengths. To apply, please visit: ;/p> Penetration Tester Philadelphia, PA (Hybrid) Contract Experience and Qualification:

• Perform manual and automated Web Application Penetration Testing (DAST), Network Penetration Testing and Mobile security testing (Android and iOS).
• Engage in customer discussions to clearly identify/document the requirement.
• Good understanding of multiple language frameworks.
• Experience with infrastructure and application penetration testing
• Exploit vulnerabilities to gain access, and expand access, to remote systems
• Research cutting edge security topics and new attack vectors
• Work with the wider team, mentor fellow team members and assist pre-sales
• Adhere to the security standards and all policies and procedures identified for the project specified by the organization.
• Strong familiarity with OWASP Top Ten, NIST, and MITRE ATT&CK
• Conduct comprehensive security testing of mobile applications, develop testing methodologies, and provide actionable recommendations for vulnerability remediation
• Write penetration testing Rules of Engagements (RoE), Test Plans, and Standard Operating Procedures (SOP)
• Conduct security reviews, technical research, and provided reporting to increase security defense mechanism
• Experience with shell scripting or automation of tasks using Perl, Python, Go, Bash, or Ruby. Web Application development experience is a plus.
• Strong Unix, Windows and networking security skills
• Advanced Knowledge of Windows Operating Systems and Windows API calls
• Manual penetration testing experience above and beyond running automated tools
• Experience developing custom scripts or tools used for vulnerability scanning and identification
• Azure / AWS security certifications is a plus.
• Good understanding of server vulnerabilities (Linux, Windows) and hardening
• Experience working with different Cloud platforms (Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)) and environments (Public, Private, Hybrid) in a security role
• Experience with Burp Suite Pro, including identification and usage of relevant plugins
• Experience in Kali Linux OS.
• Experience with security assessment tools, including Nessus, Accunetix, Metasploit, or Cobalt Strike
• Industry leading qualification such as OSCP, OSWE, CISSP, CREST, OSCE or equivalent
• Development experience in C/C, C#, .NET, PHP, Java, Python, Ruby is a plus.
• Active participation in Vulnerability Disclosure program and Capture The Flag (CTF) competitions.
• Having a good position in "Hack In The Box" is a plus.