Senior Penetration Tester - Sandton, South Africa - Dimension Data
Description
FunctieomschrijvingPerforms penetration testing and attack simulations on business critical infrastructure including internal servers, networks and applications to identify and resolve security flaws. Probes for security weaknesses in applications, networks and systems. Experiments with various methods attackers could use to exploit information security vulnerabilities. Completes threat assessment reports that outline penetration test findings and presents findings to clients. May conduct physical security assessments of servers, systems and network devices.
Key Roles and Responsibilities:
Perform penetration tests against internal and external facing systems.
Provide input to improve the quality and effectiveness of tests in a highly scaled and global environment.
Articulate complex technical risks through creation of reports and delivering presentations to key stakeholders.
Work with the SecOps teams to test the orchestration and automation processes and platforms, feed results into a testing program.
Support the assessment risk and the development and/or recommends appropriate mitigation countermeasures based on empirical testing.
Provide comprehensive technical expertise with web, application and database vulnerability testing
Support the development of the security automation framework and the implementation roadmap.
Knowledge, Skills and Attributes:
Ability to work unsupervised in a remote capacity and deliver results
Demonstrate a strong ability to engage with various stakeholders, have a team based approach and work towards share goals and outcomes.
Ability to think outside the box and a passion to improve your skills and drive innovation
Ability to compromise systems and demonstrate ways to laterally move post compromise
Academic Qualifications and Certifications:
Information Technology degree
Security related certifications such as OSCP, OSCE or CREST are desirable
RequirementsAcademic Qualifications and Certifications:
Information Technology degree
Security related certifications such as OSCP, OSCE or CREST are desirable
Required Experience:
Extensive penetration testing experience in a similar role.
Experience with both commercial and open source security tools and scripting languages
Exposure to security testing scenarios e.g. Capture the Flag / Red Team / Blue Team is desirable
Experience with various testing platforms is desirable
10 years + working experience