Active Job Position
Senior & Junior Penetration Tester
Cilynx is looking for a Senior Penetration Tester to perform Red Team engagements, Web Application / Mobile / Thick Client Penetration Tests and more.
- Maintain and enhance the Penetration Testing toolset and knowledge base.
- Perform deep, detailed, and advanced security operations and penetration tests, focusing Red-Team and Purple-Team activities.
- Testing and analysis will include internal networks, wireless networks, websites, open-source intelligence gathering (OSINT), and analyzing vulnerabilities indicated in security audits.
- Analyze vulnerabilities and deliver clear written reports to identify network risks and provide mitigation recommendations.
- Ongoing communication with activities stack-holders.
- Creates organizational knowledge about key technologies, tools, and methodologies.
- Learn from CyberOps/SME team members.
- Work with world-class engineers, architects, CISOs, etc.
- Develop scripts, tools, or methodologies to enhance our red teaming processes.
- Assist with scoping future engagements, leading engagements from kickoff through a high-quality report and deliveries.
- At least 6 months of work in Penetration Testing projects.
- Basic understanding and knowledge of Web and Mobile applications and mainstream/legacy technologies.
- Basic sense and knowledge of wired/wireless networks security and common protocols.
- Basic-Mid knowledge of Web & Mobile app vulnerabilities (OWASP Top 10).
- Understanding all aspects of Penetration Testing emphasizes internal networks, external networks, and web applications.
- Basic foundational security knowledge in Windows, Active Directory, and Linux environments.
- Ability to provide customer-facing support in a professional manner.
- Good verbal and written English skills.
- Proven self-gained experience of Hands-On Applicative and Infrastructural vulnerability execution and realization.
- Have a deep understanding of advanced Web Application vulnerabilities and exploitation techniques.
- Extensive networking and organizational infrastructure knowledge.
- Deep familiarity with Active Directory and JAMF environments.
- Deep familiarity with Cloud based environments (such as Azure AD, AWS, GCP, etc.).
- Out-of-the-box thinking and leveraging various knowledge domains to uniquely tailor attack paths.
- Strong collaboration and teamwork skills.
- Experience with Python, PowerShell, Bash, or similar scripting languages.
- Preferred Certifications – OSCP, OSEP, OSCE, OSWE, CRTP, CRTE, GPEN, GXPN, GWAPT, etc.
- Negotiable salary depending on your offensive skills.
- Exciting projects for both Local and Global Customers.
- Work in a motivated and skilled team of top-notch hackers.
- Training and Offensive Certifications/courses financing.
- Constant technological challenges and improved offensive capabilities in a short time.