Penetration Tester (Cape Town)
About Us:
[Insert a brief, engaging paragraph about your company here. What's your mission? What's your culture like? What makes you a great place to work in Cape Town? Emphasize local team culture, office environment, or unique aspects of working in this vibrant city.]
The Opportunity:
Are you a highly skilled and passionate Penetration Tester looking to make a significant impact in the cybersecurity landscape? We're seeking a talented individual to join our dynamic security team based in beautiful Cape Town. In this crucial role, you'll be instrumental in identifying vulnerabilities and strengthening our clients' security postures through comprehensive penetration testing and expert consulting, contributing directly to a safer digital environment.
Your Responsibilities:
- Perform regular penetration tests across various domains, including web applications, infrastructure, cloud environments, APIs, wireless networks, and mobile applications.
- Contribute to advanced Red Team operations and social engineering testing initiatives.
- Develop clear, concise reports on test findings and present these findings to clients.
- Consult with clients to advise on necessary remedial actions following security assessments.
- Stay abreast of the latest security trends, technologies, and emerging threats.
Your Mandatory Technical Skills:
- Demonstrated ability to execute black box, grey box, and white box tests with a strong attacker's mindset.
- Expertise in utilizing industry-standard security tools such as Kali, Burp Suite, Nmap, Nessus, Qualys, and Metasploit.
- Strong understanding of the OWASP Testing Methodology.
- Solid knowledge of critical security protocols including SSL/TLS, SSH, and HTTP.
- Familiarity with leading cloud security platforms like AWS, Azure, and Google Cloud.
- Proficient in networking protocols and the OSI Model.
Your Mandatory Soft Skills & Qualities:
- A collaborative team player who communicates effectively, shares knowledge with colleagues, and fosters a cooperative environment.
- Goal-oriented with the capability to work both independently and as an integral part of a team.
- Possess strong analytical and problem-solving abilities.
- Exhibit a strong work ethic, meticulous attention to detail, and excellent documentation skills, providing high-standard written deliverables.
- Ability to translate complex technical details into easily understandable language for C-level executives.
- A genuine passion for cybersecurity and the work you do.
Your Complementary Technical Skills (Nice to Have):
- Hands-on experience with programming languages and databases.
- Knowledge of containerisation technologies, such as Docker.
- Experience with Attack & Threat Modelling.
- Familiarity with Red Team testing and social engineering attack methodologies.
- Experience with bug bounty programs and vulnerability disclosure policies.
Education, Training, and Experience:
- A Bachelor's degree in Cybersecurity or Computer Science is preferred.
- A minimum of 1-2 years of hands-on testing experience is required.
- Ideally, you will hold two or more of the following professional qualifications: CREST CRT, OSCP, OSCE, CCT, or equivalent certifications.