Senior Penetration Tester

Responsibilities

- Works with AppGuard security experts and prepare practical application exploits and VMWare Workstation images and demonstrate such exploits in VMWare Workstation Environment.

- Prepare the practical application exploits using existing MetaSploit modules (Kali Linux), or modify existing MetaSploit modules when necessary to ensure exploit and variations of the exploit works, the exploit launches post exploit attack and demonstrate AppGuard defeats various post exploit attacks.

- For live audiences, present series of live attacks, malware exploits, malware and show AppGuard’s capabilities in defending the endpoints, defending the enterprises

Requirements

- Good Presentation skills

- Strong verbal and written communication skills

- Bachelor's degree in Information Security, Computer Science, or other engineering field and 3+ years of work experience in a security field with pen testing

- Ability to develop exploits based on vulnerability reports and/or ability to make modifications on existing exploits

- Ability to quickly develop (or modify existing) weaponized documents (Word or Excel) for demonstrating other signature-based products fail to detect. The new attacks should have customizable polymorphic downloader or creates PowerShell script on the file system to launch and alters registry entries to become persistent in the system.

Desired Skills

- Hands on (Kali Linux) MetaSploit Expert with exploit development expertise. Familiarity with PowerSploit, and Empire.

- Ability to modify attacks, exploits, MetaSploit modules quickly to create variations on a theme type of attacks

- Expert level understanding of the spectrum of exploits and attacks, in-depth familiarty with Metasploit libraries to rapidly construct, when possible, on-the-fly attacks to show AppGuard’s capabilities effectively in a clear, and precise way.

- Programming and scripting experience

- Certifications (Certified Ethical Hacker (CEH) GIAC Penetration Tester (GPEN) GIAC Certified Forensic Examiner (GCFE)), training on hands on exploit development are plus

To apply for this position, complete the form below and upload your resume and cover letter.

Or contact us directly at kkoutu@appguard.us