The Penetration Tester is responsible for working as part of the Assessment Team to conduct and participate in offensive and defensive security projects for OccamSec and its clients. This individual will work as part of a security team and report to an Assessment Team Lead.

Job Responsibilities:

Conduct security audits, network penetration tests, and web application, API and cloud assessments.
Draft security assessment reports that outline findings and provide a walkthrough of the assessment performed with evidence provided appropriately.
Use social engineering to identify improvement for security awareness and education.
Provide guidance and recommendation to clients on ways to fix or reduce security risks to their networks and products.
Operate as part of a team on larger, more complex projects with oversight from senior team members.
Operate independently on projects within defined-skill set, with oversight from a Project Manager.
Maintain proficiency in current security tools and skills.

Experience:

Proficient in working with AWS services like EC2, S3, KMS, RDS, or similar services on Azure & GCP, with a focus on implementing security best practices.
Skilled in conducting penetration tests for API, Mobile, Cloud, and Web Applications.
Familiarity with scripting languages such as Python, Perl, Go or Ruby.
Hands-on experience in building or developing Server or Application Technologies.
Utilized penetration tools effectively in various scenarios.
Applied expertise in replicating threat behaviors.
Proficient in using packet analyzer tools like Wireshark and tcpdump.
Sound understanding of IP network protocols, sub-netting, routing, switching, etc.
Extensive background in penetrating and exploiting secure networks and systems, staying updated with the latest security software packages, protocols, and computer technologies.
Excellent written and oral communication skills, with a proven track record in generating comprehensive reports and assessments.