Role: Penetration Tester
Location: Radbroke Hall, Knutsford WA16 9EU, United Kingdom
Key Responsibilities:
* Assess and scope security needs for applications and infrastructure.
* Conduct Web, API, Mobile, Thick Client, and Network penetration tests to uncover vulnerabilities.
* Identify and document technology and control risks across platforms.
* Recommend improvements in procedures, processes, operations, and systems for enhanced security.
* Collaborate to refine and enhance reporting methodologies.
* Facilitate remediation of identified vulnerabilities, collaborating with relevant stakeholders across the enterprise.
* Identify opportunities to reduce risk and recommend mitigation or acceptance options.
* Continuously research, analyze, and identify potential vulnerabilities within the company’s information systems.
Required Experience & Qualifications:
* Experience: 2-4+ years in penetration testing, covering a range of security domains.
* Certifications: CEH, eWAPT, ECSA, OSCP, GWAPT, eWPTX (desirable).
* Technical Skills: Hands-on experience with penetration testing tools, including Burp Suite, Nessus, Kali Linux, POSTMAN, Fiddler, SOAPUI, HCL AppScan, Sqlmap, Mobsf, Apktool, etc.
Required Technical Expertise:
* Web Application Testing: Experience with VAPT (Black, Gray, White box testing) and OWASP Top 10.
* API Security Testing: Proficiency in REST, SOAP, XML, and JSON security testing.
* Mobile Security Testing: SAST and DAST testing on iOS and Android platforms.
* Thick Client Security Testing: Experience with testing desktop applications for security vulnerabilities.
* Network Security: Ability to conduct external and internal network penetration testing.
* Cloud and Container Security: Foundational knowledge of securing cloud and container environments.
Soft Skills and Personal Qualities:
* Self-motivated, with the ability to work independently and make decisions with minimal supervision.
* Strong communication and interpersonal skills, with the ability to present findings effectively.
* Willingness to learn and adapt to organizational policies and processes.
* Strong presentation and public speaking skills for communicating security findings and solutions.
To Apply:
If you meet these criteria and are excited to make an impact, please submit your CV to ranjani.v@ampstek.com.