A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. It is not to be confused with a vulnerability assessment.
- Skilled in using and interpreting results from common security tools, including but not limited to Burp Suite, Nessus, OpenVAS, Yersinia, Scapy, Wireshark, Nmap (with advanced options), SQLMap, SSLyze, THC-IPV6, BeEF and other tools in the Pentoo or Kali Linux distributions.
- Familiarity with industry standard classification schemes such as CVE, CVSS, CWE, CAPEC.
- Basic to intermediate working knowledge of Unix, Linux, Windows, network devices, firewalls, and web and/or mobile application development.
- Able to code in at least one scripting language: Ruby, Python, Perl or Burp Suite Plugin Scripting.
- Willing to develop tools or scripts as necessary to create proofs of concept in challenging engagements.
- Possess a strong analytical mind for analysing and verifying findings from security tools.
- Willing to conduct security research as necessary to discover critical hidden vulnerabilities.
- Possess relentless self-motivation and passion to explore new technologies, learn new penetration testing techniques and tools, and circumvent security controls imposed in hardened applications.
- Possess good interpersonal communication skills and a helpful attitude in a team-oriented environment.
- Excellent presentation and communications skills to effectively communicate with management and customers.
- Ability to clearly articulate complex concepts (both in writing and verbally).
- Understanding and use of active listening skills (especially with customers!).
- Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent experience.
- CEH
- eJPT
- OSCP
- PNPT
$39K <= $71K <= $98K
$29K <= $41K <= $67K
$45K <= $69K <= $102K
$34K <= $51K <= $79K
£45,624 <= £69,999 <= £82,499
AU$39K <= AU$54,990 <= AU$77K