Penetration Tester

Summary

Join Bishop Fox, a leader in continuous offensive security and penetration testing, and collaborate with a dedicated team to tackle complex challenges for some of the world's most recognized organizations. As a penetration tester, you will test web applications, hack networks, reverse software, and solve challenging technical problems. You will work on a variety of projects, including short-term engagements and extended program work with well-established clients. You will provide expert opinions to help clients navigate difficult business decisions. Bishop Fox offers a comprehensive benefits program and allows employees to work remotely anywhere in the United States. The company embraces diversity and inclusion, fostering a powerful and collective talent base.

Requirements

• 4+ years experience in planning, conducting, and managing web application penetration tests
• 5+ years of application security experience
• Experience with cloud platforms and technologies including Azure, GCP, Docker, and Kubernetes
• Deep understanding of security fundamentals (OWASP), common vulnerabilities, and application security best practices
• Skilled in vulnerability assessment and the development of exploits for diverse targets
• Experience with programming and scripting languages such as Python, Ruby, PowerShell, Java, JavaScript, etc
• Proficiency with operating systems- Linux, Windows, MacOS
• Experience with network and system exploitation including modern tactics, techniques, and procedures (e.g. c2 frameworks, EDR bypass, privilege escalation, password cracking, lateral movement, etc.)
• Strong technical reporting and documentation skills

Responsibilities

• Plan, conduct, and manage web application penetration tests
• Test web applications
• Hack networks
• Reverse software
• Solve challenging technical problems
• Build creative solutions
• Provide expert opinions to help clients navigate difficult business decisions

Preferred Qualifications

• Experience with AWS cloud environments preferred with an understanding of its major technologies, such as IAM, EC2, VPC, EBS, S3, CloudWatch, and Lambdas, and how to keep them secure
• Background in system and network security, authentication and security protocols, and applied cryptography is helpful
• Advanced relevant academic training, such as a degree in Computer Science or an OSCP, is a definite bonus

Benefits

• Our comprehensive benefits program is tailored to meet your needs at an affordable price
• Bishop Fox has always allowed its employees to work remotely, and this role could work anywhere in the United States