Overview
- Perform network-based penetration testing for our clients to identify, assess, and report on vulnerabilities in their public facing infrastructure.
- Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications.
- Perform red team exercises to determine where weaknesses in the client’s infrastructure and how it should be remediated.
- Write clear, concise, effective deliverable reports for clients to help them understand their risk posture and how they can reduce it.
- Advise clients on security best practices including application design, infrastructure architecture design, and other considerations.
- Perform research and presenting at conferences.
- Blog on penetration testing best practices.
- Collaborate with other Crosslake practitioners to socialize penetration testing best practices.
Requirements
- Be an apprentice tester for your first 2 projects and then be willing and able to drive a project on your own to successful completion.
- Participate in and drive penetration efforts on behalf of clients, collaborating, digging deep, and creating a report for the investors to outline technical vulnerability and risk.
- Deliver at least one network, API, or web application penetration test every week.
- Work with private equity companies and other investment firms to help them understand the existing technology risks and vulnerabilities that exist in their environment or portfolio.
- Collaboratively work in partnership with internal and client technical leads and team members to ensure that planning and execution of penetration testing efforts occur in a timely fashion and reports are of high quality.