Penetration Testing Senior Advisor Consultant

TL;DR

Penetration Testing Senior Advisor Consultant (Cybersecurity): Identifying and exploiting vulnerabilities within client environments by applying information security threat intelligence with an accent on application security (web application penetration testing, API testing) or network security (vulnerability assessments, external penetration tests, internal penetration tests, etc.). Focus on conducting application security assessments using off-the-shelf or internally developed exploitation tools to execute manual testing for advanced attacks.

Location: Japan / Thailand / Philippines

Company

hirify.global is a global leader and innovator of advanced security solutions for defeating cyberattacks.

What you will do

• Conduct application security assessments (web, mobile, API, etc.) using off-the-shelf or internally developed exploitation tools to execute manual testing for advanced attacks.
• Conduct network penetration testing assessments (external pen test, internal pen test, etc.).
• Produce and deliver vulnerability and exploit information to clients in the form of a professional security assessment report.
• Conduct client conference calls to include project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations.
• Perform proactive research to identify and understand new threats, vulnerabilities, and exploits.
• Conduct exploitation testing using off-the-shelf or self-developed exploitation tools and document findings for client remediation.

Requirements

• Minimum of 6 years of experience with penetration testing.
• Minimum of 6 years of experience with at least one of the following: Nmap, Metasploit, Kali Linux, Burp Suite.
• Native-level Japanese language skills (At minimum, business-level Japanese language skills are required)
• Applicants must have legal authorization to work in the jurisdiction where the position is posted, without requiring employer sponsorship.

Nice to have

• Offensive certifications such as CEH, WAPT, GPEN, GWAPT, GAWN, OSCP, etc.
• Knowledge of NetSparker and AppScan operating systems administration and internals (Microsoft Windows / Linux).
• Understanding of TCP/IP networking at a technical level.
• Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field; or equivalent professional experience.
• Experience with various application attack vectors, security test processes and strong knowledge of common vulnerabilities (i.e. OWASP Top 10).
• Working knowledge of SQL and high-level languages.
• Good technical communication skills, both written and verbal; good analytical and problem solving skills.

Culture & Benefits

• hirify.global operates a remote-first working model, making remote work the primary option for most employees.
• We innovate and create, all of which are accompanied by a great sense of fun and team spirit.
• Employee-led diversity and inclusion networks that build community and provide education and advocacy.
• Annual charity and fundraising initiatives and volunteer days for employees to support local communities.
• Global employee sustainability initiatives to reduce our environmental footprint.
• Global fitness and trivia competitions to keep our bodies and minds sharp.