Application Penetration Tester (Senior - Principal)

Hiring Web and Mobile Application Penetration Testers

Job Title – Application Penetration Tester (Senior – Principal)

Shorebreak Security is looking for passionate, self-disciplined, motivated application penetration test professionals to join our team.

Live where you want and work remotely.

We are not looking for slaves to exploit and work to death. We work 40 hours a week and try not to do any more than that. Sometimes we work less than 40 hours a week.

We rent a big house and go to Defcon as a team each year.

We support your professional and personal growth and development.

We are an intentionally small business that focuses on doing a kickass job for our customers and growing slowly. We are privately owned so answer to no investors or outside party, which allows us to be flexible and also allows us to focus on maintaining a calm work environment.

U.S. Citizenship required

NOTE: We are primarily looking for full-timers, but if you are an independent consultant looking for gigs, please get in touch with us as we often need other skilled testers to accompany us.

No corp-to-corp.

Remote position is fine but you may also work with us in Cocoa Beach, FL.

U.S. Citizenship required

Read First

We are looking for professional penetration testers – your resume should reflect yearsof professional experience in a professional penetration testing role. This means that you have been paid to conduct client-facing engagements. You should be able to rattle off a list of your favorite tools and techniques.

You will be asked to demonstrate your skills via a practical interview where you share your screen and we watch you pwn. You will be thoroughly interviewed and screened to test your expertise, so please don’t waste our time – we smell BS a mile away.

Job Title — Senior or Principal Security Engineer

Must have:

– U.S. Citizenship

– 3+ years experience conducting webapp penetration testing for clients – not in your home lab – not vulnerability identification for your own apps – not practice apps.

– 2+ years experience conducting mobile application testing on IOS and android platforms.

– excellent social skills

– strong written and verbal communications skills – this is AS important as your tech skills

– the ability to pass a background check

– the ability to pass a verbal technical interview

– the ability to pass a practical (hands-on) test

– passion for technology and Information Security

– the ability to conduct a webapp pen test without the use of a vulnerability scanner or exploit framework– please read this sentence again.

Job Description:

Conduct web application penetration tests of our customers applications – web, mobile, and other. Clearly communicate vulnerability details and risk to customers, both verbally and in writing.

Required Skills:

– Strong technical skills and understanding of web, mobile, and other applications

– Highly motivated individual with the ability to work independently and to think outside the box — “hacker” mentality.

– Proficiency with common security tools; nmap, Nessus, Metasploit, Burp, Zap, CAIN, Linux Kali, etc.

– A methodology for conducting a thorough application assessment

– Degrees and certifications are a bonus but not required provided you can demonstrate a high degree of technical skills

– Punctuality

– Humility

Hiring Process

– Initial telephone interview

– Technical telephone interview

– Practical hands on, monitored test – you hack, we watch you hack via screen sharing

Please do NOT apply unless you have the “must haves”.

Hiring Process

– Initial telephone interview

– Technical telephone interview

– Practical hands on, monitored test – you hack, we watch you hack via screen sharing

– Join us for a week onsite, or work on a remote “test” gig where we try each other out to see if there’s a fit.

Please do NOT apply unless you have the “must haves”.

Shorebreak Security is seeking a highly motivated IT Security professional with demonstrated experience in Network and Web Application penetration testing to conduct engagements for our commercial and Federal Government customers. You will work in our state of the art; secure facility in Melbourne (Viera), FL, although on-site will be frequently performed in locations throughout the United States.

For an idea of we we expect, please read this.

Job Description

• Conduct security assessments of customer networks; validate and exploit security related findings.
• Clearly communicate vulnerability details and risk to customers, both verbally and in writing.
• Be able to independently apply testing methods against a wide variety of targets including: Web Applications, databases, wireless networks, conducting social engineering attacks against customer user base, SCADA/ICS, routing infrastructure, VPN, Cloud, and more.

Required Skills

• Strong technical skills and understanding of networking and operating systems.
• Highly motivated individual with the ability to work independently and to think outside the box – “hacker” mentality.
• Proficiency with common security tools; nmap, Nessus, Metasploit, Burp, Zap, CAIN, Linux Kali, etc.
• Degrees and certifications are a bonus but not required provided you can demonstrate a high degree of technical skills
• Pass background check

Job Location – Remote or Cocoa Beach, FL

Position Type – Full-time/Contract to permanent

Email resumes to: [email protected]