You will be a member of a strong community of internal penetration testers, with exposure to all parts of the firm and its most critical systems. The role involves penetration testing of a wide variety of applications, including web applications, infrastructure, and cloud. You will have access to the source code for most of the tested systems, enabling quick verification of your hypotheses.
In this role, you will join one of the most progressive Technology Risk teams in the industry , which continues to push the development of risk in preference to security within technology and the business. You will collaborate with technology teams on both in-house projects andexternal cloud adoptions to deliver secure products and solutions.
HOW YOU WILL FULFILL YOUR POTENTIAL
• Perform penetration tests and find impactful vulnerabilities in a wide variety of webapplications, cloud-based systems, and infrastructure platforms (e.g., banking websites,payment applications, authentication systems, core internal frameworks, criticalinfrastructure)
• Work with teams to recommend ways of addressing vulnerabilities and propose systematic improvements.
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
• Experience in penetration testing across the mentioned areas.
• Strong understanding of web security topics, ability to build exploit chains, and articulatethe impact of individual findings.
• Experience in analysing complex infrastructural systems by code review, server and cloud configuration analysis, reverse engineering, and fuzzing.
• Working knowledge of common security tools (Burp Suite, Wireshark, Ghidra, netcat)
• Familiarity with one or more languages (Java, JavaScript, Python, C++, C#)
• Well-versed with TCP/IP stack and network protocols
• High-level knowledge of cryptography concepts
PREFERRED QUALIFICATIONS
• Experience in adopting or crafting custom proof-of-concept exploits
• Knowledge of common cloud products and solutions
• Bachelor of Science in Computer Science, Cyber-Security, or Information Security is preferred
• Experience or training in related disciplines, e.g. ,computer security, network security,network device management, IT administration, cloud security,and infrastructure pentesting is preferred
• Certificates (of equivalent knowledge) like OSCP, OSEP, OSWP
Infotree Global was founded in 2002 in a small office in Canton, MI, Infotree Global had a clear mission; To bring the world’s best talent together with the greatest companies producing results through continuous improvement and innovation. From those humble beginnings, Infotree Global has explosively grown from a two-person operation to a global solutions company, functioning in over 150 countries across 5 different continents.
Infotree Global proudly serves more than 250 of the Global 1000, numerous government agencies, and some of the world’s largest nonprofit organizations. Our sustained growth is attributed to our focus and commitment to our thousands of full-time professionals. In today’s market, where high-quality dedicated individuals are in demand; Infotree Global recognizes that an emphasis on understanding, achieving, and exceeding our employee’s goals, aspirations and overall experience is paramount. This “people over profits” mindset has yielded tremendous success for our employees and clients. Our employees have a vast array of assignments available across the world to help achieve and exceed their career goals and our clients have motivated, dedicated, and hardworking professionals on their team. We are here to help the best talent work with the greatest companies to produce innovative results in a variety of industries including but not limited to IT, Engineering, Clinical, Skilled Trades, Finance and Accounting.
Our mission’s success is supported by several industry awards and accolades. If you are looking for a committed and understanding partner, your search ends here.
