Web application penetration tester
Posted: April 19, 2023, 2:16 a.m. - Full Time - RemoteNetlink Voice is looking for experienced penetration tester who can work with our Development Team and conduct penetration tests on our internal/external applications.
Job Responsibilities -
• Experience in performing penetration testing on enterprise networks, web applications, and mobile applications. • Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws. • Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON). Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities. • Experience developing actionable intelligence based on open source intelligence (OSINT) gathering. • Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc. • Solid understanding of OWASP testing methodology • Think critically about complex problems and situations. • Consider emerging web-based vulnerabilities and threats from within the context of organizational risk and business impact(s). • Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigations. • Develop and deliver walkthrough(s), proof(s) of concept (PoCs), articles, and formal presentations. • Execute verification and validation testing for mitigations and fixes.