Pen Tester

3 days ago

Manila, National Capital Region, Philippines Check Point Software Full time
Overview

Pen Tester role at Check Point Software. Join a global team of experienced white hackers, working with both Check Point and non-Check Point customers worldwide, on every industry vertical, collaborating with Check Point research and IRT teams, exposing you to the most interesting cutting-edge cyber threats out there.


Key Responsibilities
  • Penetration testing (ethical hacking) of applications and network environments.
  • Author testing plans and penetration test reports.
  • Passion for white-hat hacking and cyber security.
  • Out-of-the-box thinking approach.
  • Perform reconnaissance and network surveys to map targets.
  • Research tools and security exploits, blogging about new security finds.
  • Gain proficiency in the following:
    • Web applications and services.
    • Firewall, IPsec and SSL VPNs, IDS/IPS, WLANs.
    • Database functions, interactions, and communications.
    • Commercial and open source security tools (e.g., Nessus, Nmap, Netcat, Metasploit, Burp Suite, Bloodhound, Empire, Wireshark, hypervisors, run-live distros, etc.).
    • Scripting (Python, PowerShell, JavaScript, Bash) and application development.


  • Keep up-to-date with tools, countermeasures, threats, and technologies.
  • Share knowledge and mentor new team members and peers.
  • Develop and refine tools, templates, and methodologies.
  • Interpret vulnerabilities, identify weaknesses, exploit them, and escalate your access.
  • Assist with malware analysis and breach investigations.
  • Ability to ask questions and gain further knowledge of problems that may arise during engagements.

Qualifications
  • Ethical hacking practices and procedures.
  • Proven experience in web application penetration testing according to OWASP methodology.
  • Usage of offensive tools such as Fiddler, Burp Suite and SQLmap.
  • Experience managing networks and systems for both Windows and Unix platforms.
  • Know general information security principles.
  • Coding and scripting experience required (Python and Bash).
  • Experience exploiting security holes and fixing them (on your own systems and/or capture the flag and similar environments).
  • Ability to communicate with C-level, technical, and non-technical audiences.
  • Remains calm under pressure, relates in a professional manner with colleagues throughout the organization at all times.
  • Penetration testing operational technologies (OT) – Advantage.
  • OSCP / OSWE certifications – Advantage.
  • Red team capability - Advantage.
#J-18808-Ljbffr