Pen Tester

Why Join Us?

Join a global team of experienced white hackers, working with both Check Point and non-Check Point customers worldwide, on every industry vertical, collaborating with Check Point research and IRT teams, exposing you to the most interesting cutting-edge cyber threats out there.

Key Responsibilities

• Penetration testing (ethical hacking) applications & network environments.
• Author testing plans and penetration test reports.
• Passion for white-hat hacking and cyber security.
• Out-of-the-box thinking approach.
• Perform reconnaissance & network surveys to map targets.
• Research tools & security exploits, blogging about new security finds.

• Gain proficiency in the following:

• Web applications & services.

• Firewall, IPsec & SSL VPNs, IDS/IPS, WLANs.
• Database functions, interactions, and communications.
• Commercial & open source security tools (e.g., Nessus, Nmap, Netcat, Metasploit, Burp Suite, Bloodhound, Empire, Wireshark, hypervisors, run-live distros, etc.).

• Scripting (Python, PowerShell, JavaScript, Bash) & application development.

• Keep up-to-date with tools, countermeasures, threats, & technologies.

• Share knowledge & mentor new team members & peers.
• Develop & refine tools, templates, & methodologies.
• Interpret vulnerabilities, identify weaknesses, exploit them, & escalate your access.
• Assist with malware analysis & breach investigations.
• Ability to ask questions and gain further knowledge of problems that may arise during engagements.

Qualifications

• Ethical Hacking practices and procedures
• Proven experience in web application penetration testing according to OWASP methodology.
• Usage of offensive tools such as Fiddler, Burp Suite and SQLmap.
• Experience managing networks & systems for both Windows & Unix platforms.
• Know general information security principles.
• Coding & scripting experience required (Python and Bash).
• Experience exploiting security holes & fixing them (on your own systems and/or capture the flag and similar environments).
• Ability to communicate with C-level, technical, & non-technical audiences.
• Remains calm under pressure, relates in a professional manner with colleagues throughout the organization at all times.
• Penetration testing operational technologies (OT) – Advantage
• OSCP \ OSWE certifications – Advantage
• Red team capability - advantage