Senior Penetration Tester

Summary

Join Bishop Fox, a leader in continuous offensive security and penetration testing, and collaborate with a dedicated team to tackle complex challenges for globally recognized organizations. As a penetration tester, you will test web applications, hack networks, reverse software, and solve challenging technical problems. You will work on a variety of projects, from short-term engagements to extended programs, providing expert opinions to clients. Bishop Fox offers remote work opportunities across the United States and a comprehensive benefits program. The company values diversity and inclusion, fostering a strong team environment. Bishop Fox is committed to making the digital world safer, with nearly 20 years of industry contributions.

Requirements

• Experience with OT network, industrial control systems (ICS), and SCADA security
• Familiarity with protocols like MQTT, CANbus, modbus, BACnet, etc
• Understanding of hardware security on multiple platforms such as ARM, MIPS, etc
• Experience with common hardware attacks such as dumping memory, attacking bootloaders, manipulating UART/JTAG/I2C/SPI interfaces
• Vulnerability assessments including manual testing to further evaluate the security of applications
• Penetration testing and code review (including DAST and SAST; experience with low level languages, C/C++)
• Understanding security fundamentals and common vulnerabilities (e.g., OWASP Top Ten) in addition to more modern web app and enterprise app vulnerabilities
• 5+ years of application-focused offensive security experience in supporting a variety of engagements with clients from a variety of industries
• Additional experience in IT, security engineering, system and network security, authentication and security protocols, and/or applied cryptography
• Scripting/programming skills (C, C++, Python, Ruby, Java, JavaScript, etc.)
• Network and web-related protocol knowledge (e.g., TCP/IP, UP, IPSEC, HTTP, HTTPS, routing protocols)
• Superior communication skills (i.e., written and verbal) - including the ability to work as a mentor on engagements

Responsibilities

• Test web applications, hack networks, and reverse software
• Work on a variety of projects which include short-term engagements and extended program work with well-established clients
• Solve challenging technical problems and build creative solutions
• Provide your expert opinion to help our clients navigate difficult business decisions

Preferred Qualifications

• Experience with pen testing automobiles/vehicles is a plus
• OSCP/E, GWAPT, GPEN, or GXPN certifications are helpful, but not a necessity
• Advanced relevant academic training is a definite bonus, i.e., Bachelor’s in Computer Science

Benefits

• Our comprehensive benefits program is tailored to meet your needs at an affordable price
• Bishop Fox has always allowed its employees to work remotely, and this role could work anywhere in the United States