Pre-engagement activities including scoping assessments and working with clients to determine their scanning requirements and restrictions
Identify new targets for scanning and changes and identify changes within a target environment over time.
Take scanner output and process this into a detailed analysis of the issue, exposure for the affected business and develop proof of concept exploits for detected issues.
Communicate discovered issues to the client in a detailed, accurate and manageable way by means of vulnerability notifications and monthly vulnerability digests.
The candidate should be passionate about developing a career in Information Security, specifically around Penetration Testing and Security Assessment.Desirable Skills
Strong knowledge of Web Application vulnerability exploitation, including but not limited to the OWASP Top 10
Experience with Burp Suite Pro, SQLMap, Metasploit, Nmap
Experience with live Bug Bounties, or vulnerable systems such as DVWA or WebGoat
Knowledge of a scripting language such as Python, Ruby, or PowerShell