Penetration Tester 3
Asurion
Date: 10 hours ago
City: Taguig
Contract type: Full time
Application Penetration Tester 3
Application Penetration Tester 3
The Application Penetration Tester will assist Asurion in developing secure products by providing best-in-class application security penetration testing and security assessment services to the product development organization, while passionately pursuing personal and organizational excellence in the field of application/product security.
Core Duties And Responsibilities
Application Penetration Tester 3
The Application Penetration Tester will assist Asurion in developing secure products by providing best-in-class application security penetration testing and security assessment services to the product development organization, while passionately pursuing personal and organizational excellence in the field of application/product security.
Core Duties And Responsibilities
- Perform in-depth application and system penetration tests of internally developed products and enterprise systems to Identify security risks and vulnerabilities.
- Develop functioning proof of concepts (PoCs) to demonstrate exploitation and impact of found vulnerabilities
- Provide guidance and assistance on vulnerability remediation
- Review product and open-source code for the purposes of assessing security and determining weaknesses / vulnerabilities.
- Build and maintain positive and productive working relationships with product development teams and individuals.
- Develop security assessment scripts and frameworks and assist in efforts to automate security testing and assessment activities.
- Continuously learn and keep pace with the latest technical developments in the security space.
- Perform threat modeling with application security engineers and product development staff to promote secure development and inform penetration testing / red-team efforts.
- Mentor security champions with respect to penetration testing techniques, vulnerability research, and red-team tactics.
- Aid the incident response process when product security expertise is required.
- Participate in post-mortems and retrospectives to improve security of products and systems.
- Research and present on relevant security topics, practices, and threats.
- Strong desire and drive to continuously learn and improve upon existing skills, as well as developing new skills
- Strong researching, analytical and problem-solving skills
- Strong experience and knowledge of identifying, exploiting and remediating web application vulnerabilities
- Proficient in at least one scripting language and/or programming language for building PoCs, automation and completing other similar tasks
- Ability to perform secure coding reviews on applications written in TypeScript, JavaScript, Java, C#, Scala and/or others
- Familiarity with iOS and/or Android penetration testing
- Experience with commonly used cloud services and securing them
- Excellent communication (oral, written, presentation) skills including the ability to explain technical concepts and findings at a high-level to non-technical audiences
- Knowledge of open security standards
- Experience with web and mobile security related tools such as Burp, Caido, adb, Corellium, etc.
- Industry recognized certifications demonstrating practical application of knowledge learned; Offensive Security, Hack the Box, TCM, etc. certifications
- Activity in CTF's and CTF platforms including completion of labs such as the HTB Pro labs
- Experience in full stack web application development
- Experience in iOS and Android development
- Involvement in Bug Bounty Programs
- Experience in reverse engineering and tools (IDA Pro, Immunity, Windbg, gdb, etc.)
- Experience security testing and/or using AI for security and efficiency increase purposes
- Security research projects and/or presenting security research at conferences
- CVE assignments
- Familiarity with Windows and Linux testing/privilege escalation techniques and hardening
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Credit and Collections Team Lead
myGwork - LGBTQ+ Business Community,
Taguig
1 day ago
This job is with JTI, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. At JTI we celebrate differences, and everyone truly belongs. 46,000 people from all over the world are continuously building their unique success story with us. 83% of employees feel happy...
Manager, Implementation Services
Amadeus,
Taguig
1 day ago
Job TitleManager, Implementation ServicesJob TitleManager, Implementation ServicesIn This Job You WillPurpose of this roleWithin Travel Distribution, the Customer Operations division (CMO) aims to maximize customer success. At every point of the customer journey from onboarding new solutions to everyday usage, we support our customers via our global expertise, our scale advantage, our footprint, and our digitalization capability. Our group encompasses...
Sales Training Manager
AstraZeneca,
Taguig
1 day ago
About AstrazenecaAstraZeneca is a global, science-led, patient-focused biopharmaceutical company that focuses on the discovery, development and commercialisation of prescription medicines for some of the world’s most serious diseases. But we’re more than one of the world’s leading pharmaceutical companies. We are on a journey to bring life-saving medicines to patients. Our role in contributing to decreasing mortality rates globally is...
