Job Description
Bottom Line Up Front: We are the hands-on penetration testing team that relies heavily on manual processes and the skill of the penetration tester to achieve results.
As a leader in cybersecurity consulting services, Appgate delivers unparalleled penetration and cybersecurity services to our clients. Built on the acquisition of "Immunity, Inc.," the Appgate Threat Advisory Services consultants deliver outstanding focus on delivering the highest quality and digging deep into the targets. We are looking for skilled penetration testers to join our team, which provides contracted penetration test services and cybersecurity assessments to our clients.
Appgate is looking for the right person, who is passionate about cybersecurity, looking to expand their skills. We are interested in all levels, including junior, mid-level and senior testers. The pay rate depends on skills and experience. If you are a skilled ethical hacker, please reach out.
We develop custom exploits to demonstrate and reproduce how vulnerabilities will affect our clients. We develop a deep understanding of our targets to demonstrate and test attack theories. We also make sure that we do cover the full test scope and deliver comprehensive results. We use automation where it can increase our efficiency and coverage, and we prefer to build our own tools. The automation enables us to move more quickly to manual analysis to find unique vulnerabilities.
Position Responsibilities:
- Perform in-depth web application audits (common), network penetration tests (common), source code analysis (common), cloud-based security/configuration reviews (common), hardware assessments (less common), cloud-based penetration tests (less common), mobile penetration tests (common) across multiple industries and environments.
- Create detailed penetration test reports in the English language (detailing the steps that were taken to exploit the issues and provide actionable remediation suggestions).
- Create/script tools and exploits during the engagement to demonstrate a vulnerability with proof or write meaningful test cases (to test all attack theories).
- Take a hands-on approach to penetration testing. Very little automation is used (we take very deep dives into our targets to provide the best results).
- Work with other team members on client assessments. We are a team and work best as a group. It is very rare to have a solo engagement.
- Contribute to in-house written tools (Python) to aide in the penetration testing process.
- Work with clients, participate in calls for scoping, kick-offs, and findings, to communicate the scope, status, results, and remediations, and support the smooth progress of the tests; escalate issues when needed.
Experience & Qualifications:
- Capable of performing in-depth penetration tests (including tests that are 2-3 week duration) for Web Applications, Source Code Auditing, Network Penetration tests, Mobile Penetration Tests, and Cloud-based configuration review.
- Strong understanding of vulnerabilities and mitigation controls
- Good attention to detail and ability to complete tasks by the deadline
- Capable of focusing on clearly defined objectives when the client requires
- Well organized and ability to work autonomously
- Technical curiosity and self-starter
- Capable of creative thinking to generate and test attack theories to detect vulnerabilities based on your understanding of the targets.
- Commitment to the cybersecurity discipline and willingness to support the rest of Appgate, when needed.
- Willing to share knowledge with the team or act as a mentor in areas of strength and expertise (as the team will share knowledge with you).
Preferred: - AWS penetration testing experience strongly preferred
- OSCP or OSWE certification highly preferred (demonstration of exploitation capabilities or equivalent expertise can be used as a substitute)
Language: Intermediate-Advanced English (written and spoken)
Appgate is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Job Tags
For contractors,