As a Penetration Tester at IBM, you will play a critical role in helping clients strengthen their cybersecurity defenses through comprehensive vulnerability assessments and ethical hacking techniques. Your responsibilities will include:
Conducting Penetration Tests: Perform thorough and systematic penetration testing on applications, networks, and infrastructure to identify security vulnerabilities.
Security Assessments: Identify weaknesses in security policies, procedures, and technologies by simulating real-world attacks.
Report Writing: Document findings clearly and concisely, providing actionable remediation advice for security gaps and risks.
Vulnerability Analysis: Analyze test results, identify root causes, and assist clients in creating practical solutions to mitigate risks.
Staying Current: Continuously research and stay updated on the latest security trends, attack vectors, tools, and techniques.
Skills and Expertise
Technical Knowledge: Proficient in penetration testing methodologies (OWASP, NIST, PTES), network security protocols, and a deep understanding of web application security and network vulnerabilities.
Required Professional and Technical ExpertiseTools Expertise: Familiar with penetration testing tools such as Burp Suite, Metasploit, Nessus, Nmap, Wireshark, and others.
Programming & Scripting Skills: Experience with scripting languages (e.g., Python, Bash, PowerShell, or Ruby) to automate tasks or develop custom exploits.
Experience in Exploit Development: Ability to identify and exploit vulnerabilities across different platforms and services (e.g., Windows, Linux, macOS, Web Applications, Cloud, etc.).
Certifications: Industry-recognized certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable.
Required Qualifications
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or equivalent work experience.
3+ years of professional experience in penetration testing, ethical hacking, or cybersecurity assessments.
Hands-on experience with different attack techniques, threat modeling, and vulnerability assessment tools.
Preferred Professional and Technical ExpertisePreferred Qualifications
Master’s degree in Cybersecurity or a related field.
Expertise in securing cloud environments (AWS, Azure, GCP) and containerized applications.
Familiarity with DevSecOps principles and integration of security testing in CI/CD pipelines.
Experience with incident response and forensic investigations.
Required EducationBachelor's DegreePreferred EducationMaster's Degree