Senior Engineer, Web Application Penetration Tester
Company: News Corp
Posted on: August 7, 2022
Currently seeking Senior Engineer-Web Application Penetration
Tester, to join our CyberSecurity Security team, based in the US.
The ideal candidate will possess a deep understanding of attack
surfaces in modern compiled applications and operating systems.
Candidates must demonstrate the ability to analyze closed source
applications using several off-the-shelf or custom developed tools.
Additionally, the ideal candidate will be able to demonstrate
exceptional organizational skills, work efficiently under minimal
supervision, be able to deliver results that meet or exceed
organization's expectations, be a strong team player, and actively
participate in a fast-paced and challenging global environment.
Have a passion for breaking into websites and keen interest in
Have a strong understanding of how web applications, both server
side, and Single Page Applications function hosted in the
Have a keen eye towards business logic attacks.
Ability to perform web, mobile and API penetration testing
Intricate know how of BURP Suite Pro security tool
Prior corporate Experience of web penetration testing applications
is required including PCI environments.
Deep understanding of OWASP top ten vulnerabilities.
You follow the bug bounty community closely to understand the
latest hacking techniques.
Familiarity with manual code review techniques.
Strong plus familiarity with NodeJS, C#, PHP, Python, JAVA
Familiarity with AWS ,Azure cloud
Atleast have a Bachelor's degree in computer science, software
engineering or equivalent experience
Atleast have 5 to 7 years of Penetration testing experience (web,
Intricate know-how of BURP Suite Pro security tool and other Pen
Ability to clearly state defensive techniques for discovered
Ability to communicate clearly how to remediate an issue.
Knowledge of how to write formal penetration reports and convey
impact to business leaders.
Strong plus familiarity with NodeJS, C#, PHP, JAVA languages.
Strong plus familiarity with SWIFT, Objective-C, Kotlin languages
(for mobile testing)
Expected to have some level of Python coding skills
Understanding of AWS IAM and AWS services is required. Other cloud
platforms and plus.
Familiar with DNS Enumeration and supporting tools such as OWASP
AMASS, Recon-Ng etc.
Experience with Gobuster, web fuzzing tools, nmap, password
guessing/cracking and other common security tools.
Command line skills including writing bash scripts, powershell and
ability to parse data from output of tools and logs
Some network penetration testing required.
Attend security conferences and CTF events regularly.
Desired Certifications :
GWAPT, GPEN,Offensive Security Web Expert (OSWE) , OSCP.
GIAC Cloud Penetration Testing (GCPN) is a huge plus.
Cloud Certifications good to have
Keywords: News Corp, Trenton , Senior Engineer, Web Application Penetration Tester, IT / Software / Systems , Princeton, New Jersey
Didn't find what you're looking for? Search again!