A-LIGN

Senior Penetration Tester

Posted 6 Days Ago

Easy Apply

Be an Early Applicant

Sofia, Sofia-grad

Senior level

Security • Cybersecurity

The Role

The Senior Penetration Tester conducts various penetration tests and vulnerability assessments, delivers high-quality reports, and ensures client systems are secure.

Summary Generated by Built In

About the Role

The Senior Penetration Tester works to test and improve the security of our clients’ systems and data across a wide range of industries. In this role, you will be responsible for the execution of all types of penetration tests, social engineering tests, and vulnerability scans, as well as compiling and writing client reports. As the Senior Penetration Tester, you will provide exceptional testing and high-quality deliverables to clients to help continued growth of our fast-paced company.

Reports to

Managing Consultant

Pay Classification

Full-Time

Responsibilities

Execute internal, external, wireless, and web application pen tests
Perform social engineering tests, including phishing, vishing, and physical
Complete vulnerability scans and assessments
Compile and write client reports
Reimage devices and virtual machines with Kali Linux
Create and write Bash scripts from the command line
Create, modify, move, and write files and documents from the command line only

Minimum Qualifications

EDUCATION

Master’s or Bachelor’s degree in cybersecurity, management information systems, computer science, or relevant discipline

EXPERIENCE

At least 5 years of experience with penetration tests and vulnerability assessments; including internal, external, wireless, mobile, and web application testing
Performed network and application pen tests
Programming experience in one or more of the following languages: Ruby, Python, Perl, C, C++, Java, and C#
Proficiency in working with both Windows and Linux operating systems
Demonstrated ability to perform penetration testing from the network layer to the web application layer, culminating in the completion of a quality report
Familiarity with major cloud CSPs such as AWS, Azure, AliCloud, Google Cloud, and Rackspace, including their associated internal components and controls
Solid understanding of SOAP/REST/JSON web APIs and methodologies for testing them
Working knowledge of standard security assessment tools (e.g., NMAP, metasploit, Scapy, Burp Suite, SSLStrip, Ettercap, Nessus, Nikto, AppScan)
Involvement with CTF (Capture The Flag) and exploitation tools (HackTheBox profile preferred)
Background in Security Operations, Incident Response, forensics, red-teaming, or DevOps preferred

CERTIFICATIONS

One of the following certifications required:

OSCP/eCPPT or other related penetration testing certifications
eWPT or other applicable web app cert

Two of the following certifications required:

GWAPT, CEPT, LPT, GPEN, CPT, GXPN, PenTest+, GAWN, GMOB, CRTOP

SKILLS

Background and understanding on networking, firewalls, and subnets
Understanding of security best practices
Thrives in a fast-paced environment
Excellent communication skills
Ability to work individually as well as collaboratively
A high degree of motivation
A security focused mindset
Proficiency with scripting languages (Python, Bash, JavaScript, PowerShell)
Ability to create, modify, write documents from command line, and write Bash scripts to automate or facilitate tasks

Benefits

Healthcare, Dental, and Vision Benefits
EAP - Employee Assistance Program
Competitive Bonus Structure
Home Office Reimbursement
Technology Allowance
Certification Reimbursement
Public Transportation Card
Multisport Card
Personalized Career Coaching
Generous Paid Time Off
Paid Office Closure December 24-January

About A-LIGN

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com.

Come Work for A-LIGN!

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.
A-LIGN is an Equal Opportunity Employer.

The personal data you provide to us is processed by A-LIGN Bulgaria. Your personal data is shared with employees of A-LIGN, and the candidate data retention period is 6 months. You have the right to obtain information about the processing of your personal data. In addition, you have the right to correct, to block, and to delete your data in accordance with the local laws and regulations. For more information you can visit A-LIGN’s Job Ads Privacy Policy.

Top Skills

Alicloud

Appscan

AWS

Azure

Bash

Burp Suite

C++

Ettercap

GCP

Java

Linux

Metasploit

Nessus

Nikto

Nmap

Perl

Python

Rackspace

Ruby

Scapy

Sslstrip

Windows

View all jobs at A-LIGN

View A-LIGN Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Tampa, FL

573 Employees

Year Founded: 2009

What We Do

A-LIGN is a technology-enabled security and compliance partner that helps global organizations take a strategic approach to confidently mitigate cybersecurity risks. Our breadth and depth of expertise and A-SCEND, our proprietary compliance management platform, enable you to assess against the leading cybersecurity compliance frameworks important to your business – with one partner.

With A-LIGN as your guide, we bring you the people, process and platform you need to secure your summit, protect against future risks and build customer confidence so you can focus on elevating your business.