Infrastructure Penetration Testing
Apply NowCompany: Diamondpick
Location: Jersey City, NJ 07305
Description:
Job Description:
- 8+ years of working experience and strong understanding of infrastructure vulnerability assessment and penetration testing
- Working experience and good hands-on understanding of manual penetration testing and updated with latest tactics, techniques and procedures
- Proficiency with vulnerability assessment & penetration testing tools (Burp Suite, Nmap, Nessus, Metasploit, and other commercial and open-source tools)
- Strong knowledge of network protocols, operating systems, databases, security standards and best practices
-
- Strong expertise in planning and create penetration testing methods, scripts and test cases
- Experience with network and system hardening techniques
- Understanding of cryptographic principles and secure communication protocols
- Ability to analyze and investigate security-related vulnerabilities, remediation/ mitigation techniques and identify false positives
- Working knowledge of regulatory and industry security standards (e.g. GDPR, HIPAA, PCI DSS, SOX, NIST and GLBA)
- Working knowledge of penetration testing using industry best practices such as OWASP top 10, CWE/ SANS TOP 25 standards and Threat-Led Penetration Testing (TLPT)
- Proficiency with documenting and reporting security issues and vulnerabilities, providing recommendations for remediation and demonstrating/ explaining to a wide audience
- Proficiency with black/gray box penetration testing on Workstation Build (Win 10/11) is a plus
- Relevant certifications (e.g., OSCP, CEH, CISSP) are a plus