Pentester (Red Team)

JSCM Group
Job TagCybersecurity


We are looking for a motivated Pentester to join our Red Team. To be successful in this role, the individual should possess a deep understanding of both information security and computer science. They should be able to understand basic concepts such as networking, applications, and operating system functionality, as well as be able to adapt and learn advanced concepts such as exploit development. You will be expected to quickly assimilate new information, as you will face new client environments on a daily basis. The ideal candidate thrives in a fast-paced environment and continuously implements new knowledge and skills.

Responsibilities Include:

  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
  • Assist in developing comprehensive and accurate reports for both technical and executive audiences.
  • Consult with customers on how to improve their security posture.
  • Effectively communicate findings and strategy to client stakeholders.
  • Recognize and safely utilize attacker tools, tactics, and procedures.
  • Occasionally will be involved in client Incident Response activities if/when a client experiences a cybersecurity incident.
  • Participate in phishing test campaigns.

Required Skills/Experience:

  • Minimum 2 years of hands-on technical cybersecurity experience performing pentests as a primary task.
  • Pentesting on network, cloud, server and containers, Active Directory, Microsoft 365, web, API, and mobile.
  • Knowledge of Windows, Unix, TCP/IP, IDS/IPS, and web content filtering.
  • Experience with basic scripting languages including bash and/or PowerShell.
  • Demonstrated ability to:
    • Adhere to the highest standards of honesty and integrity.
    • Think critically about complex problems and situations.
    • Have a passion for researching emerging vulnerabilities and threats from within the context of organizational risk and business impact.
    • Exploiting and chaining vulnerabilities to maximize their impact.
  • Know how hackers exploit the human element to gain unauthorized access to secure systems.
  • Develop novel attack vectors based on newly discovered vulnerabilities.
  • Understand how computer security breaches can disrupt business, including the financial and managerial implications.
  • Apply industry standards, TTPs and best practices such as the Penetration Testing Execution Standard (PTES) and the Mitre ATT&CK Framework.
  • Go beyond automated and “push-button” attack tools and utilities.

In Case You Missed It: Event Highlights

Check out some of our recent events that provided learners and job seekers with opportunities to learn from industry experts.

Related Industries: All Industries, Cybersecurity, Data Science, Product Management, Social Work, Technology Project Management
Recent Events Recap: Tips & Tidbits

STEM: Industry Professionals Share Tips and Tidbits

On International Women’s Day, a few of the ladies from Nike joined us for a discussion on women in STEM. Learn more about some of the key takeaways from breakout room sessions on Overcoming Barriers and International Work as a Woman in STEM.

Related Industries: Computer Science, Cybersecurity, Data Analytics, Data Science, FinTech, Product Management, Technology Project Management, Web Development
A woman stands in a lab coat.

Cybersecurity: Industry Professionals Share Tips and Tidbits

Two industry professionals from the Cybersecurity industry joined us for a webinar on Determining Which Cybersecurity Work Environment is Right for You. Read along as we highlight some key takeaways from that conversation where they discuss their work environments, workflows, and cultural impact.

Related Industries: Cybersecurity
Hand typing on keyboard.