Penetration Tester

Brak informacji o wynagrodzeniu
MidFull-time·Umowa o pracę
#383928·Dodano dziś·0
Źródło: justjoin.it
Aplikuj teraz

Tech Stack / Keywords

Burp Suite ProfessionalCaidopenetration testingapplication security testingvulnerability validationOffensive SecurityPythonPowershell

Firma i stanowisko

The Information Security Protect organization at Procter & Gamble is responsible for simulating threat actor behaviors to improve applications, systems, detection, and response capabilities by regularly testing security controls across the enterprise.

Wymagania

Qualifications (Required):

  • Bachelor's degree or equivalent in Information Security, Cybersecurity, Computer Science, or related field, or 2+ years relevant experience.
  • Over 2 years experience in penetration testing, application security testing, vulnerability validation, or offensive security.
  • Ability to lead defined-scope penetration tests and escalate complex or high-risk issues.
  • Experience with vulnerabilities in 2+ domains such as web apps, APIs, mobile apps, cloud infrastructure, databases, networks, servers, IoT, identity platforms, or AI systems.
  • Ability to automate tasks using languages like Python, PowerShell, Bash, Go, C#, or JavaScript.
  • Basic Linux command-line experience and familiarity with Windows environments.
  • Ability to read and understand code to identify security-related logic.
  • Basic hands-on experience with at least one major cloud provider (GCP, AWS, or Azure).
  • Adversarial mindset with strict adherence to rules of engagement.
  • Clear written and verbal communication skills.

Qualifications (Preferred Skills):

  • Penetration testing or security certifications such as OSCP, OSWE, GPEN, GXPN, GWAPT, PNPT, or eJPT.
  • Experience with CTFs, Bug Bounty programs, Vulnerability Disclosure Programs, or public technical write-ups.
  • Experience using AI tools for reconnaissance, code review, vulnerability triage, or reporting.
  • Exposure to testing AI-enabled applications, LLM systems, AI agents, or related workflows.
  • Experience with mobile, IoT, embedded systems, firmware, reverse engineering, or hardware security testing.
  • Exposure to cloud and identity attack paths including SSO, MFA, OAuth, IAM, secrets exposure, conditional access, or privilege escalation.
  • Familiarity with tools such as Burp Suite, Nmap, Metasploit, Frida, Ghidra, IDA, BloodHound, or cloud security testing tools.
  • Curiosity, humility, and desire to improve technical depth and reporting quality.

Obowiązki

  • Lead penetration tests across websites, services, APIs, infrastructure, cloud environments, networks, IoT devices, mobile applications, and enterprise applications.
  • Partner with Intake Management, senior testers, and stakeholders to confirm objectives and engagement readiness.
  • Execute reconnaissance, vulnerability discovery, exploitation, evidence collection, reporting, and remediation validation.
  • Identify, validate, exploit, and document security vulnerabilities within approved scope.
  • Validate related vulnerabilities to demonstrate realistic impact and escalate complex attack chains.
  • Test for control gaps and document weaknesses in preventative or detective controls.
  • Investigate and validate findings from Vulnerability Disclosure Programs and Bug Bounty initiatives.
  • Collaborate with engineering, product, cloud, infrastructure, and security teams to explain findings and support remediation.
  • Utilize approved scripts, templates, automation, and AI-assisted workflows to enhance testing efficiency and reporting.
  • Assist with testing AI-enabled applications and integrations for security risks.
  • Produce standardized reports with reproduction steps, evidence, impact, affected systems, and remediation guidance.
  • Contribute to team knowledge sharing, documentation, test notes, templates, and process feedback.

Benefity

  • Work on P&G-sized projects with access to leading IT partners and technologies from day one.
  • Wide range of self-development opportunities including training and certification paths.
  • Competitive starting salary and benefits including private health care, P&G stock, saving plans, and sport cards.
  • Regular salary increases and potential promotions based on performance.
  • Opportunity to change roles every few years for career growth.
  • Hybrid work model allowing two days remote work and three days in the office weekly.
Opieka zdrowotna
Udziały pracownicze
Karta sportowa

Inne informacje

Employment is exclusively on the basis of a full-time employment contract (Umowa o Pracę). Apply only if you agree to these conditions.

Procter & Gamble

Procter & Gamble

25 aktywnych ofert

Zobacz wszystkie oferty
Aplikuj teraz