Mobile & Web Application Penetration Tester - Ottawa, Canada - Cyberclan
Description
Summary/Objective
Essential Functions
- Performing sophisticated adversary simulation operations against CyberClan and customers systems to identify gaps in prevention, detection, and/or response.
- Leveraging threat intelligence to hunt for indicators of compromise and vulnerabilities.
- Managing and improving breach and attack simulation tools.
- Social engineering to identify areas for improvement in security awareness.
- Remaining up to date on new and arising testing techniques and threats.
- Managing client expectations to ensure customer success.
- Documenting feedback and reporting to managers for review.
Required Skills, Experience, Degrees or Certification
- Write penetration testing reports on time, with extensive evidence, and excellent grammar.
- Ability to think like an adversary and like a defender.
- Fully understand and map TTPs (e.g., MITRE ATT&CK) to report writings and presentations.
- Familiarity with common web vulnerabilities, including XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Serverside Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws (OWASP Top 10s).
- Experience with scripting and programming languages (e.g., Python, Ruby, Bash, C/C++, C#, Java, JavaScript, etc.).
- Ability to review and edit existing codebases.
- Familiarity with secure coding practices and techniques.
- Experience rooting or jailbreaking mobile devices.
- Experience with LTE and GSM protocols.
- Working knowledge of Frida or Radare
- Experience conducting security assessments on IoT and OT platforms.
- Familiarity with iOS or Android operating systems.
- Indepth understanding of enterprise networks and security defenses.
- Understanding of network protocols, *nix, and Windows operating system functionality.
- Strong knowledge of cybersecurity tooling and technology.
- Experience or strong understanding of cloud concepts and platforms.
- Ability to demonstrate leadership skills to drive client projects.
Preferred Skills, Experience, Degrees or Certifications
- GWAPT, OSCP, OWSA, OSWE, GPEN or related certifications.
- Organization and ability to gather and prioritize findings and action items.
- Ability to strategize and think outside of the box under pressure.
- Ability to work independently as well as on a team.
Job Type
Full-time/Exempt
Location
100% Telecommuting
% of Travel Required
0-5%
Physical Requirements
Prolonged periods of sitting at a desk and working on a computer.
CyberClan is an equal-opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status
Similar to the above one.
More jobs from Cyberclan
-
Digital Forensics
Canada - 5 days ago
-
Systems Security Analyst
Vancouver, Canada - 2 weeks ago
-
Security Operations Centre Lead
Canada - 6 days ago
-
Head of Sales
Ottawa, Canada - 2 weeks ago
-
IT Services Lead
Canada - 5 days ago
-
IT Security Manager
Canada - 6 days ago