Penetration Tester

Thanks for the click. We know your time is valuable so we will get right to it.

We’ve amassed some of the best and brightest minds in cyber security who are passionate about protecting the digital world. Our team blends advanced technology alongside deep expertise to tackle the toughest cyber threats out there. Put simply, our mission is to stay ahead of the curve and create a safer digital landscape for our partners, and we think adding a Penetration Tester will up our cyber game.

Working as part of the team, the successful candidate will be supporting users both locally and remotely, providing support to staff at all levels of the organization regarding tasks including but not limited to installation, repair and upgrade of end user hardware and software, corporate server support, new staff induction training, and managing meeting rooms and associated equipment. An excellent Penetration Tester must have good technical knowledge and be able to communicate effectively to understand the problem and explain its solution. They must also be client-oriented and patient to deal with clients that are less technical.

The goal is to create value for clients that will help preserve the company’s reputation and business. The successful candidate will be joining a global support team.

What you’ll be doing.

• Perform a variety of penetration tests, including but not limited to Infrastructure (internal and external), Web Applications, APIs, Mobile, Wireless and Cloud
• Work collaboratively and independently with teammates to provide professional services to our clients
• Use offensive security expertise to research relevant tactics, techniques, and procedures for assessing and validating weaknesses in various infrastructure and technologies including cloud technologies.
• Test, reproduce and validate known vulnerabilities using automation technologies, manual penetration testing tools and know hacker tactics and techniques
• Develop scripts to automate repetitive actions of penetration tests
• Document exploits and results in remediation and professionally written reports.
• Understand, perform chained attacks, privilege escalation, and lateral movement techniques
• Conduct testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, scenario-based security testing or red teaming to identify gaps in detection and response capabilities
• Develop and document new and custom exploits
• Develop and author simple tools via scripting language
• Develop and author custom exploits
• Respond to inquiries, guide and advise customers on security best practices.
• Identify and provide improvements on existing services, including continuous improvement of existing methodologies, tools and reports
• Create strong narratives and analysis for publication.
• Serve as a mentor to other Penetration testers and Threat Analysts and support them in their work.
• Assist in pre-sales efforts as a penetration testing subject-matter expert
•  

What does it take to succeed in this role? 

To perform this job successfully, the ideal candidate must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the tools, systems and knowledge requirements based on our existing environment:

• One or more of the following certifications:, OSWA, OSWE, OSCP, CREST
• Bachelor's Degree in Cyber Security and/or 5+ years in cybersecurity - red-team/penetration testing roles.
• Strong knowledge of industry penetration testing tools
• Ability to configure, run, and monitor automated security testing tools
• Ability to Perform manual validation of vulnerabilities
• Technical understanding of various infrastructure, including web, Windows, Linux, mobile, cloud, API
• Experience identifying and exploiting web application vulnerabilities
• Strong knowledge of Networks, Linux systems, Windows systems, web applications, and scripting languages
• Strong knowledge of offensive penetration testing tools
• Strong knowledge of common attack tools, concepts, and frameworks
• Experience writing penetration testing reports
• Excellent communication skills (written and verbal)
• Ability to speak in depth on findings and remediation
• Knowledge of and ability to reverse engineer binaries for both Windows and Linux.
• Knowledge of and ability to administer network and host-based security tools to include penetration testing and ethical hacking products.
• Some knowledge of scripting languages: Python, Go, Rust, PHP, Perl, Bash, Ruby, PowerShell

In addition to your technical expertise, we expect respect, opinions, and thoughtful input. 

How we work.

Our 3 values define how we operate internally as well as externally:

• Vision - We embrace a forward-thinking mindset. Our team has a clear and inspiring picture of the future that helps drive our decisions towards creating and delivering world-class security services.
• Velocity - We have a bias for action. We move swiftly and with purpose toward our goals and objectives and can easily adapt (and adjust) along the way.
• Vigilance – We foster a culture of proactive awareness for our company and our customers, who trust us to be an extension of their team. We are always looking for areas where we can innovate, improve, fix, transform and revolutionize, which ensures the protection, safety and success of everyone at SilverSky.
•  

Individuals that can act intelligently and confidently without an ego will thrive.

If this opportunity sounds interesting and you are passionate about redefining how the world thinks about cyber security, we want to hear from you. Apply now if you are interested in learning more about how we can change the rules of engagement, together.

About SilverSky

We are a global cyber security company with more than 20 years of professional experience in the industry. Our 300+ employees are on a mission to protect our customers with comprehensive, adaptive security services that maximize technology and automate responses, while empowering security analysts to hunt for threats, react and respond immediately. It’s the human enhanced response that differentiates SilverSky and allows us to create the most comprehensive managed detection and response (MxDR) solution in the industry by delivering on our Vision, Velocity, Vigilance philosophy. Follow us on X and LinkedIn to learn more.