Avertium is themanaged securityand consulting provider that companies turn to when they want more than check-the-box cybersecurity. In today's threat landscape, your not-so-standard processes, workflows, and vulnerabilities require more than just a standard approach to cybersecurity. You need a smarter, stronger, show-no-weakness approach based on more rigor, more relevance, and more responsiveness. That is why more than 1,200 organizations in every sector from manufacturing to financial services, healthcare to technology and business services to hospitality rely on Avertium forcybersecurity services.

Avertium is seeking a Web Application Penetration Tester.

Job duties include, but are not limited to, performing web application, API and mobile application penetration tests. The Penetration Tester will lead and mentor junior members to enhance and develop their technical capabilities along with professional client service interactions. Other responsibilities will include pre-sales scoping and support, client development, and conflict resolution. The successful candidate will be self-disciplined and able to work on individual tasks, sometimes without clear requirements, and must work well in a team environment. The Web App Penetration Tester should have a combination of experience or certifications. Experience should be identified by previous job duties, published work, or public presentations.

Qualifications for Success:

• 4+ years of experience.
• Web Application Assessments - 4 years of recent experience and certifications like OSWE, GWAPT or comparable.
• Experienced in API Testing.
• Well-known vulnerability assessment and penetration testing methodologies.
• Knowledge of web application design & implementation concepts to include supporting systems.
• Strong understanding of various cloud providers and application configuration and deployment.
• Information Security Fundamentals - 5 years of experience, BS degree (or higher) in a technical discipline, or certifications like GSEC, GCIH, CISSP, or Security+.
• Expert knowledge of common vulnerabilities, exploits, and attacks used during a penetration test.
• Familiar with at multiple programing or scripting language such as C, Java, Ruby, Perl, or Python and PowerShell.
• Experienced in testing both iOS and Android devices a plus.

Desired (But Not Required):

• Social Engineering tactics, techniques, and procedures
• Proficient programming capabilities with experience in software development or QA
• General knowledge of network penetration testing
• Payment Card Industry knowledge and penetration testing concepts
• Threat modeling, adversary emulation, or long duration Red Team exercises
• #LI-DS1