Senior Penetration Tester at NTT Ltd.

Want to be a part of our team?

• Performs penetration testing and attack simulations on business critical infrastructure including internal servers, networks and applications to identify and resolve security flaws. Probes for security weaknesses in applications, networks and systems. Experiments with various methods attackers could use to exploit information security vulnerabilities. Completes threat assessment reports that outline penetration test findings and presents findings to management. May conduct physical security assessments of servers, systems and network devices. Collaborates with cybersecurity team to maintain the company’s information security policies and procedures.

Working at NTT

• The primary responsibility of the Penetration Tester is to proactively support the evaluation of NTT Ltd’s external and internal presence by discovering, evaluating, exploiting and reporting vulnerabilities. The role is internally focused to the business with a remit covering all areas of IT infrastructure, applications and systems.

Key Roles and Responsibilities:

• Perform penetration tests against internal and external facing systems.
• Provide input to improve the quality and effectiveness of tests in a highly scaled and global environment.
• Articulate complex technical risks through creation of reports and delivering presentations to key stakeholders.
• Work with Security DevOps teams to test the orchestration and automation processes and platforms, feed results into a testing program.
• Support the assessment risk and the development and/or recommends appropriate mitigation countermeasures based on empirical testing.
• Provide comprehensive technical expertise with web, application and database vulnerability testing
• Support the development of the security automation framework and the implementation roadmap.

Knowledge, Skills and Attributes:

• Ability to work unsupervised in a remote capacity and deliver results
• Demonstrate a strong ability to engage with various stakeholders, have a team based approach and work towards share goals and outcomes.
• Ability to think outside the box and a passion to improve your skills and drive innovation
• Ability to compromise systems and demonstrate ways to laterally move post compromise
• Academic Qualifications and Certifications:
• Information Technology degree
• Security related certifications such as OSCP, OSCE or CREST are desirable

Required Experience:

• Extensive penetration testing experience in a similar role.
• Experience with both commercial and open source security tools and scripting languages
• Exposure to security testing scenarios e.g. Capture the Flag / Red Team / Blue Team is desirable
• Experience with various testing platforms e.g. Hack the Box / Vulnhub / PentesterLab is desirable