WEB APPLICATION - PENETRATION TESTER

Functional overview

The Illumio Information Security team is responsible for securing our products, services, data, and technology assets. We believe security is an enabler, and our objective is to help the business be successful. As Web Application Penetration Tester, you will be helping us to secure our products, using a combination of review, assessment, testing, and automation. But you won’t be alone – although we are specialists each in our own way, we wear many hats and work collaboratively to help each other be successful.

Duties and responsibilities

• Perform web application penetration testing using manual testing techniques and automated tools
• Identify vulnerabilities in web technologies such as HTTP, SSL/TLS, RESTful APIs, etc
• Analyze source code for potential vulnerabilities using static code analysis tools
• Develop custom scripts or exploits to validate identified vulnerabilities
• Document findings in detailed reports that include vulnerability descriptions, risk assessments, recommendations for remediation, and proof-of-concept exploits
• Stay up to date with the latest trends in cybersecurity threats, vulnerabilities, tools, and methodologies

Minimum competencies

• Strong understanding of common security vulnerabilities (OWASP Top 10)
• Familiarity with programming languages such as Ruby, Go or JavaScript
• Knowledge of secure coding practices and common web application security vulnerabilities
• Strong problem-solving skills and the ability to think critically and creatively
• Ability to work independently and as a part of a team

Minimum qualifications

• 3 years of experience in web application penetration testing or related field
• Relevant certifications such as OSCP, eWPT, CPTS are a plus