Vacancy expired!
VDart Inc is the leading global provider of digital solutions, products and talent management company providing digital technology solutions in Automotive, Manufacturing, Energy & Utilities and Healthcare Industries. Led by a strong global team located across 10 countries including USA, Canada, Mexico, Brazil, UK, Japan, Australia & India. We are currently accepting applications from staffing firms for our Preferred Partner Program, where we align niche staffing firms with specific verticals based on their strengths. To apply, please visit: ;/p> Penetration Tester Philadelphia, PA (Hybrid) Contract Experience and Qualification:
- Perform manual and automated Web Application Penetration Testing (DAST), Network Penetration Testing and Mobile security testing (Android and iOS).
- Engage in customer discussions to clearly identify/document the requirement.
- Good understanding of multiple language frameworks.
- Experience with infrastructure and application penetration testing
- Exploit vulnerabilities to gain access, and expand access, to remote systems
- Research cutting edge security topics and new attack vectors
- Work with the wider team, mentor fellow team members and assist pre-sales
- Adhere to the security standards and all policies and procedures identified for the project specified by the organization.
- Strong familiarity with OWASP Top Ten, NIST, and MITRE ATT&CK
- Conduct comprehensive security testing of mobile applications, develop testing methodologies, and provide actionable recommendations for vulnerability remediation
- Write penetration testing Rules of Engagements (RoE), Test Plans, and Standard Operating Procedures (SOP)
- Conduct security reviews, technical research, and provided reporting to increase security defense mechanism
- Experience with shell scripting or automation of tasks using Perl, Python, Go, Bash, or Ruby. Web Application development experience is a plus.
- Strong Unix, Windows and networking security skills
- Advanced Knowledge of Windows Operating Systems and Windows API calls
- Manual penetration testing experience above and beyond running automated tools
- Experience developing custom scripts or tools used for vulnerability scanning and identification
- Azure / AWS security certifications is a plus.
- Good understanding of server vulnerabilities (Linux, Windows) and hardening
- Experience working with different Cloud platforms (Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)) and environments (Public, Private, Hybrid) in a security role
- Experience with Burp Suite Pro, including identification and usage of relevant plugins
- Experience in Kali Linux OS.
- Experience with security assessment tools, including Nessus, Accunetix, Metasploit, or Cobalt Strike
- Industry leading qualification such as OSCP, OSWE, CISSP, CREST, OSCE or equivalent
- Development experience in C/C, C#, .NET, PHP, Java, Python, Ruby is a plus.
- Active participation in Vulnerability Disclosure program and Capture The Flag (CTF) competitions.
- Having a good position in "Hack In The Box" is a plus.
Vacancy expired!