Mobile & Web Application Penetration Tester - Ottawa, Canada - Cyberclan

Cyberclan

Verified Company

Ottawa, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Summary/Objective

Essential Functions

Performing sophisticated adversary simulation operations against CyberClan and customers systems to identify gaps in prevention, detection, and/or response.
Leveraging threat intelligence to hunt for indicators of compromise and vulnerabilities.
Managing and improving breach and attack simulation tools.
Social engineering to identify areas for improvement in security awareness.
Remaining up to date on new and arising testing techniques and threats.
Managing client expectations to ensure customer success.
Documenting feedback and reporting to managers for review.

Required Skills, Experience, Degrees or Certification

Write penetration testing reports on time, with extensive evidence, and excellent grammar.
Ability to think like an adversary and like a defender.
Fully understand and map TTPs (e.g., MITRE ATT&CK) to report writings and presentations.
Familiarity with common web vulnerabilities, including XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Serverside Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws (OWASP Top 10s).
Experience with scripting and programming languages (e.g., Python, Ruby, Bash, C/C++, C#, Java, JavaScript, etc.).
Ability to review and edit existing codebases.
Familiarity with secure coding practices and techniques.
Experience rooting or jailbreaking mobile devices.
Experience with LTE and GSM protocols.
Working knowledge of Frida or Radare
Experience conducting security assessments on IoT and OT platforms.
Familiarity with iOS or Android operating systems.
Indepth understanding of enterprise networks and security defenses.
Understanding of network protocols, *nix, and Windows operating system functionality.
Strong knowledge of cybersecurity tooling and technology.
Experience or strong understanding of cloud concepts and platforms.
Ability to demonstrate leadership skills to drive client projects.

Preferred Skills, Experience, Degrees or Certifications

GWAPT, OSCP, OWSA, OSWE, GPEN or related certifications.
Organization and ability to gather and prioritize findings and action items.
Ability to strategize and think outside of the box under pressure.
Ability to work independently as well as on a team.

Job Type
Full-time/Exempt

Location
100% Telecommuting

% of Travel Required
0-5%

Physical Requirements
Prolonged periods of sitting at a desk and working on a computer.

CyberClan is an equal-opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status
Similar to the above one.