Role details

Penetration Tester | Ethical Hacker

New York   •  Permanent

Bullet points

  • Ethical Hacker
  • Assurance Validator

About Our Client

Our global financial services client is seeking a Penetration Tester / Ethical Hacker. You will use a series of penetration tools - some predetermined and some that you design yourself - to simulate real-life cyber-attacks. Ultimately your aim is to help the organization improve its security

Job Description

Your role as the Penetration Tester / Ethical hacker will typically focus on exploiting vulnerabilities (e.g. making it a goal to break part of the current system) and be expected to document and explain your methods and findings.

  • Perform formal penetration tests on web-based applications, networks and computer systems
  • Conduct physical security assessments of servers, systems and network devices
  • Design and create new penetration tools and tests
  • Probe for vulnerabilities in web applications, client applications and standard applications
  • Pinpoint methods that attackers could use to exploit weaknesses and logic flaws
  • Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
  • Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
  • Research, document and discuss security findings with management and IT teams
  • Review and define requirements for information security solutions
  • Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
  • Provide feedback and verification as an organization fixes security issues

The Successful Applicant

Oral and communication skills are very important to be successful in this position. In addition to the amount of paperwork (writing reports and assessments), part of your day will involve explaining your methods to technical and non-technical audiences. You could also be coordinating social engineering initiatives.

Other technical experiences to help you succeed in this role are:

  • Windows, UNIX and Linux operating systems
  • C, C++, C#, Java, ASM, PHP, PERL
  • Network servers and networking tools (e.g. Nessus, nmap, Burp, etc.)
  • Computer hardware and software systems
  • Web-based applications
  • Security frameworks (e.g. ISO 27001/27002, NIST, HIPPA, SOX, etc.)
  • Security tools and products (Fortify, AppScan, etc.)
  • Vulnerability analysis and reverse engineering
  • Metasploit framework
  • Forensics tools
  • Cryptography principles

What's on Offer

Competitive Base, Bonus and Benefits

Apply for this job

Click the Apply or LinkedIn button below or contact Christopher Adeyeri quoting job reference 1219696
As you are using an Apple iOS device we are unable to offer you the CV upload function. Please apply with your Linkedin profile below or contact Christopher Adeyeri quoting job reference 1219696