Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Penetration tester (100% Remote Canada)
Company Vumetric Cybersecurity
Location Canada (Remote)
Preferred GIAC Certifications GWAPT, GPEN
Travel 0%
Salary Not provided
URL https://www.vumetric.com
Contact Name Anonymous
Contact Email jobs/at/vumetric.com
Expires 2020-09-26

Job Description

We have an exciting career opportunity for a motivated Penetration tester. This is a 100% remote, permanent, full-time position to start immediately.

Vumetric is a leading provider of penetration testing services. Our customers include leading enterprises, government organizations and SMBs. You will be joining an exciting and rapidly growing company. This is an outstanding position offering an attractive salary, defined career path, and excellent support from existing team members.

About You
- You are currently based in Canada and eligible to work without sponsorship
- You are passionate about cybersecurity with an Ethical Hacker mindset.
- You have a desire to work in a fast moving, forward leaning, and modern technological environment
- You have a strong desire to continually learn about new technologies
- You can document and explain technical details in a concise, understandable manner
- You are able to handle multiple concurrent tasks and shifting priorities
- You have the ability to work independently and within a team

Responsibilities
- Perform network, Web, and mobile application penetration testing
- Document and build comprehensive reports based on test findings
- Stay up to date on current tools, technologies, and vulnerabilities
- Effectively communicate findings and recommendations to client stakeholders
- Enhance and update Vumetric testing methodologies, processes, and standards documentation

Requirements
- At least 3 years of experience in penetration testing
- Knowledge of common application-level vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
- Hands-on expertise with commercial and open-source penetration testing tools (ex: Burp Suite, OWASP ZAP, Nessus, Nmap, Metasploit, CANVAS, SQLMap, Empire, etc.).
- Understanding of Linux/Windows-based operating systems
- Programming skills in Python, Powershell, Ruby, or other relevant languages.
- Knowledge of common penetration testing methodology and standards (PTES, OWASP, CREST, OSSTMM, CWE, CAPEC, CVE, CVSS, etc.)

Additional Qualifications
- Knowledge of common cloud-based infrastructure (AWS, Azure, GCP etc.)
- Open-source contributions
- Experience with CTFs and/or bug bounties
- Experience with software development
- Bilingual (English & French)

Certifications (Assets)
- GIAC Certified Penetration Tester (GPEN)
- GIAC Web Application Penetration Tester (GWAPT)
- Offensive Security Certified Professional (OSCP)
- Offensive Security Certified Expert (OSCE)
- Certified Secure Software Lifecycle Professional (CSSLP)
- Certified Security Analyst (ECSA)

Clearance
The successful candidate will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.