Job Title – Penetration Tester
Job Location – Princeton NJ
Length – Contract (3 Months+)
We are looking for an experienced and motivated Penetration Tester to support several 3-4 week assignments.
Focus is on enterprise / IT applications and systems.
We expect a high level of expertise - assignments will go beyond operating standard tools and assessing patch levels and open ports. Assignments focus on deep technical penetration testing, i.e., evaluation applications for unknown risk and entry points, and include assessment of the impact of identified deficiencies (i.e., what is the worst case a hacker can do if an identified vulnerability was exploited).
Promising candidates will be asked to demonstrate their abilities in a small Capture the Flag setup.
Your responsibilities will focus on:
- to conduct Cyber Security Assessments and Penetration Tests (hands-on work) against network and (web) applications, as an individual, self-managed tester, embedded in a team of experienced PenTesters
- to search for security vulnerabilities in traditional IT assets (web applications, fat clients, ERP systems, installations of COTS products, etc)
- to diligently document findings in reports intelligible for both, management and technical staff
- to recommend tangible mitigating actions, and helps application owners to understand findings and mitigation strategy
**Successful candidate must have experience in manual PenTesting, not just vulnerability scanning. If unable to actually exploit, e.g., an SQL Injection or XSRF vulnerability, capabilities will not suffice for our needs.
APN Software Service INC