Required Technical and Professional Expertise
- Minimum required certification: OSCP or equivalent e.g., Offensive Security Web Expert (OSWE) and Offensive Security Web Assessor (OSWA))
- Minimum of 3 preferably 5 years of “hands on” Penetration Testing Experience with operating systems, web applications and network infrastructure.
- Minimum of 3 preferably 5 years experience with using Penetration Testing Tools. e.g., NMap, Nessus, Metasploit, BurpSuite, Nito, Tcpdump.
- Administrator level knowledge of Server Operating Systems specifically Unix and Windows to test infrastructure. Well versed in Kali Linux.
- Ability to test web technologies e.g., web applications, containers, container managers.
- Sufficient technical knowledge of TCP/IP Networking/Routing, Intranet / Internet Architectures and Segregation Technologies/VLANs, Firewalls, Intrusion Detection, Intrusion Prevention, SQL Databases
- Programming ability to create, read and modify exploit code to achieve system penetration. C, C++, Java, C#, scripting knowledge is an asset.
- Ability to clearly present the penetration testing results including recommendations to fix.
Preferred Technical and Professional Expertise
- Preferably a bachelor’s degree or College Diploma in computer science or related field