Penetration Tester Ethical Hacker

last updated April 26, 2021 16:07 UTC

Applause

HQ: Remote


Applause is looking to expand its team of penetration testers / ethical hackers to engage in vulnerability assessments and manual penetration tests in a private bug bounty model for web, mobile and desktop applications, APIs, network systems and more, covering a full suite of services for the vast Applause customer base worldwide.

If you enjoy tinkering with systems and exploiting vulnerabilities in applications, joining the Applause security team can be your next step in building a reputation globally. You will gain significant additional exposure to clients and applications you’d never have seen otherwise while working in a team of seasoned experts and junior, entry-level penetration testers, earning money for valid vulnerabilities you identify and document.

The main difference from the public bug bounties of other large companies? You can sometimes find issues within just a few minutes, because the apps you’ll test are not hardened and competition is much smaller than on a public bounty program. You can also see issues reported by other testers in real time, which you won’t find elsewhere. SQL injections, remote code executions, serious access control flaws, IDOR, buffer overflows, etc. are all within reach in these projects. When’s the last time you were allowed to exploit one of those for real?

The successful candidates will primarily be working in the areas of:

  • Application penetration testing

  • Internal & External Network & infrastructure penetration testing

  • Secure application development lifecycle

You will be expected to have some experience in some or all of the above areas and will wish to further your career in this area.

You’ll need to have a passion for this area and understand what it means to use ethical hacking skills to help organisations protect their systems and information assets. You could be responsible for trying to break the most advanced defences in the world working with the best in your field across industries and sectors. You’ll need an enquiring mind, the tenacity to overcome technical challenges, and an ability to approach problems from different perspectives.

Job description

You will be conducting manual penetration tests on applications of varying complexity, from a simple-looking one-page website which will turn out to have issues across the whole OWASP Top 10, to extremely hardened enterprise CRM web applications, mobile applications with proprietary algorithms, space station infrastructure and more.

The work is usually performed remotely as part of a team of other penetration testing experts that you will both compete with and collaborate with. You will have insights into the findings of any of the other testers on the team, so you will have the ability to learn from the very best on every assessment and improve your skills.

You will use a common tool suite for web and mobile testing, including Kali Linux and Burp Suite (or other proxy tools you enjoy using), but you have free rein over the choice of tools unless specific project instructions restrict that.
