Pentester WebAPP and API

Brak informacji o wynagrodzeniu
SeniorFull-time
#385384·Dodano 7 dni temu·2
Źródło: LinkGroup
Aplikuj teraz

Tech Stack / Keywords

APITestingiOSAndroidCloudNetworksActive DirectorySecurity

Firma i stanowisko

LinkGroup is the hiring company for this position.

Wymagania

  • Approximately 5+ years of hands-on offensive security experience, ideally within a cybersecurity consultancy or multi-client delivery environment.
  • Proven expertise in at least three of the following domains: web applications, network, mobile, or Active Directory testing.
  • Mastery of industry-standard tools such as Burp Suite, Nmap, Metasploit, BloodHound, Impacket, CrackMapExec/NetExec, Cobalt Strike, and Frida.
  • Possession of at least one of these certifications: OSCP, CRTP / CRTO, or CREST CRT / CPSA.
  • Exceptional report-writing skills and fluent professional English.

Nice to have:

  • Advanced certifications including OSEP, OSWE, OSED, CRTE, SANS GXPN/GWAPT, or cloud offensive certifications.
  • Experience in a Big 4 firm or established boutique security consultancy.
  • Hands-on experience with cloud environments such as AWS, Azure, GCP, and container technologies like Kubernetes.
  • Active community presence through published research, CVEs, open-source tooling contributions, conference talks, or top CTF achievements.

Obowiązki

  • Personally lead and execute end-to-end penetration tests across web applications, APIs, mobile apps (iOS/Android), cloud environments, and internal/external networks.
  • Perform sophisticated Active Directory security testing including privilege escalation, lateral movement, delegation/ACL abuse, and attack path analysis.
  • Write custom scripts, tooling, and proof-of-concept exploits using Python, PowerShell, and/or Bash.
  • Own the entire lifecycle of assignments, from initial scoping and effort estimation to final report delivery and remediation retesting.
  • Review and quality assure technical findings and reports from the team.
  • Provide technical input during scoping calls and proposal creation.
  • Act as the primary technical point of contact, translating complex technical risks into clear insights for developers and non-technical executives.
linkgroup

linkgroup

357 aktywnych ofert

Zobacz wszystkie oferty
Aplikuj teraz