Junior Penetration Tester

April 18

Thoropass

WebsiteLinkedInAll Job Openings

Thoropass (formerly Laika) helps you get and stay compliant with smart software and expert services.

Compliance • SOC 2 • HITRUST • HIPAA • Audits

51 - 200

💰 Series C on 2022-11

Description

• Deliver Penetration Testing Engagements • Conduct web and API penetration tests with automated and manual testing, using black box or gray box testing methods • Demonstrate lateral movement capabilities and expose potential data exfiltration opportunities to simulate real-world attack scenarios • Develop effective countermeasures to address both known and unknown vulnerabilities within internal networks, employing advanced adversarial tactics to highlight security gaps • Employ innovative thinking to overcome security protection mechanisms, craft proof-of-concept code, and exploit business logic • Create detailed reports and findings to customers in a clear and concise manner, in fluent written and oral English. Advise customers on remediation efforts as needed

Requirements

• 1-3+ years in a pentesting / red teaming role • Familiarity with web app pentesting and API pentesting • At least 1 of the following certifications: eWPT, CEH, PenTest+, eJPT, Burp Suite Certified Practitioner, or equivalent • Knowledge of current attack methods, manual penetration testing techniques, and popular hacking tools (e.g., Nessus, Nmap, Metasploit, Kali Linux, Burp Suite Pro, OWASP ZAP) • Experience with Hack the Box, Portswigger Academy, or similar learning platforms • Fluency in English, with exceptional verbal & written communication. You’re able to convey complex, technical topics to an array of stakeholders in a digestible and compelling manner • Project management skills with experience working with cross-functional teams

Benefits

• Competitive base salary • Exceptional private healthcare • Early equity in a fast-growing company • Work-from-home model • Unlimited PTO • Home office equipment • Monthly wellness and home Wi-Fi stipend