Note: The job is a remote job and is open to candidates in USA. Sygnia is a top tier cyber technology and services company that partners with organizations worldwide to proactively build cyber resilience and respond to advanced threats. They are seeking a talented Penetration Tester Expert to strengthen the security of client applications by identifying attack paths and improving their ability to withstand attacks.
Responsibilities
• Design and execute external penetration testing engagements against client environments, identifying exploitable weaknesses from an attacker’s perspective
• Perform application penetration testing on a wide range of web application technologies, to identify vulnerabilities and test applications' security against industries security best practices
• Conduct source code reviews to identify security flaws, insecure patterns, and logic vulnerabilities
• Use black box, gray box, and white box testing approaches based on engagement scope and client needs
• Clearly communicate findings to clients, including attack paths, risk impact, and practical remediation guidance
• Collaborate with internal teams to share insights, techniques, and lessons learned from real world attacks
Skills
• At least three years of experience in penetration testing, with a strong emphasis on web application security and external testing
• Hands on experience performing source code reviews as part of penetration testing or application security assessments
• Previous experience working in a consulting or professional services environment
• Strong understanding of penetration testing methodologies and hands on experience with tools such as Burp Suite, Swagger, and Postman
• Strong knowledge of OWASP Top 10 vulnerabilities and defensive techniques
• Deep technical knowledge across a broad range of technologies, with the ability to learn new systems quickly, including: Databases such as MSSQL, MySQL, Oracle Database, and PostgreSQL; Networking protocols including TCP/IP, DNS, HTTP, FTP, AND SMTP; Web servers such as Apache, Nginx, Microsoft IIS, and Tomcat; Operating systems including Windows and Linux; Cloud platforms including AWS, Azure, and GCP
• Proficiency in development languages such as C#, PHP, Java, Node.js, and Python
• Industry certifications such as OSWE or eWPTXv2
• Publicly demonstrated security research, including CVEs, bug bounties, or published findings
• Experience testing complex, high traffic, or business critical web applications
Company Overview
• Sygnia is a cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide. It was founded in 2015, and is headquartered in Tel Aviv, Tel Aviv, ISR, with a workforce of 201-500 employees. Its website is https://sygnia.co/.