Job description
Role Overview
Our client is searching for a highly skilled Senior Penetration Tester to join our growing team. In this role, you’ll play a pivotal role in strengthening our clients’ security posture by identifying and exploiting vulnerabilities across a wide range of applications. This will include web applications, APIs, thick clients, and mobile applications. In addition to this, you’ll play a supporting role in the delivery of red and purple team engagements. This presents a great opportunity for individuals who wish to expand their skillset and knowledge in addition to performing application tests.
You’ll go beyond basic vulnerabilities like XSS and SQLi, leveraging your understanding of application flows to uncover and exploit complex business logic flaws
Core Responsibilities
Plan and execute penetration testing engagements on diverse application types (web, API, thick client, mobile) adhering to industry best practices (OWASP, PTES) and Wilbourne’s established processes.
Conduct in-depth source code reviews to uncover potential security flaws and business logic vulnerabilities.
Identify and exploit a broad spectrum of vulnerabilities, demonstrating a strong understanding of application flows and the ability to translate that knowledge into real-world exploitation scenarios.
Utilise a mature suite of web and mobile application security testing tools (Burp Suite, ZAP, etc.) to thoroughly assess application security.
Experience
5 to 7 years of experience in penetration testing with a strong focus on various application types (web, API, thick client, mobile).
Proven experience in identifying and exploiting a wide range of vulnerabilities (SQLi, XSS, CSRF, business logic flaws, etc.).
Very strong understanding of web and mobile application security principles (OWASP Top 10, secure coding practices, mobile security considerations), application flows, and the ability to translate that knowledge into actionable testing strategies.
Sound like your next challenge? Then apply today!