Penetration Tester Expert

  • Sygnia
  • Israel
  • Full-time
About The Position

Sygnia is a top-tier cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience and to respond to and defeat attacks within their networks. It is the trusted advisor and cyber security service provider of IT and security teams, senior managements, and boards of top organizations worldwide, including Fortune 100 companies.

The company draws on top talent from the ranks of elite military technology units and from across the cyber industry and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, Sygnia applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.

We are looking for a talented Penetration Tester to join our unique Adversarial Tactics Department. As a Penetration Tester, you will work with clients to build the resilience of their application security, increasing their ability to prevent and withstand attacks.

Your role as a Penetration Tester is to provide a comprehensive assessment from the perspective of an attacker. You will collaborate with clients to design and execute Penetration Testing exercises, and conduct thorough assessments of their web applications, mobile applications, and source code review. This will involve identifying vulnerabilities through simulated external attacks (using a black box approach), or examining an application (web/mobile) using a white/gray box approach. Your expertise will play a critical role in enhancing the overall security posture of our clients’ services, platforms, products, and infrastructure.

Requirements:

  • Minimum of 3 years of experience in penetration testing/application security
  • Previous experience in consulting companies
  • Strong understanding and extensive experience in penetration testing methodologies and tools (Burp Suite, Swagger, Postman)
  • Deep technical understanding of a broad range of technologies and the ability to quickly learn new information, including:

*Databases (MSSQL, MySQL, Oracle Database, PostgreSQL)

*Networking protocols (TCP/IP, DNS, HTTP, FTP, SMTP)

*Web servers (Apache HTTP Server, Nginx, Microsoft IIS, Tomcat)

*Operating Systems (Windows, Linux)

*Cloud Platforms (AWS, Azure, GCP)

  • Proficiency in OWASP Top 10 attacks and defences
  • Proficiency in mobile penetration testing for both iOS and Android platforms
  • Background in secure code methodologies and code review
  • Proficiency in development languages such as C#, PHP, Java, Node, and Python
  • Fluent in written and spoken English, with excellent presentation skills
  • Certification such as OSWE/eWPTXv2 – Advantage
  • Proven knowledge such as CVEs or bug bounties – Advantage

Apply for this position