Security Consultant II (Web Application Penetration Tester)
NetSPI · Minneapolis, MN · 5 days ago
RemoteRemoteInformation TechnologyFull-time
Responsibilities
- Conduct penetration testing engagements on web applications and underlying APIs.
- Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture.
- Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes.
- Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.
Requirements
- Bachelor’s degree or higher required, with a concentration in Computer Science, Engineering, Math, or IT preferred, or equivalent experience.
- Minimum of 2-3 years of work experience in application penetration testing.
- Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus).
- Familiarity with offensive and defensive IT concepts and protocols.
- Extensive understanding of the OWASP Top 10 and various security frameworks.
- Working knowledge of Windows, Linux and MacOS operating systems internals.
- Ability to work independently and as part of a team.
- Proficient communication skills, both written and verbal.
- Willingness to travel up to 5-10%.
Qualifications
- Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences.
- Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#).
- Offensive cybersecurity certifications (e.g., GXPN, GPEN, OSCP, CISSP, GWAPT).