Penetration Testing Expert Job Description

What is the job description of a Penetration Testing Expert? What are the duties and responsibilities of a Penetration Testing Expert? What does a Penetration Testing Expert do?

Job description of a Penetration Testing Expert

A Penetration Testing Expert is an IT professional who specializes in vulnerability assessment and penetration testing programs and is responsible for designing and performing application security robustness tests.

This Penetration Testing Expert job description example includes a list of the most important Penetration Testing Expert duties and responsibilities, shown below. It can be modified to fit the specific Penetration Testing Expert profile you're trying to fill as a recruiter or job seeker.

Penetration Testing Expert Duties and Responsibilities

A Penetration Testing Expert job description should contain a variety of functions and roles, including:

  • Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
  • Develop and maintain security testing plans
  • Automate penetration and other security testing on networks, systems and applications
  • Develop meaningful metrics that reflect the true posture of the environment, allowing the organization to make educated decisions based on risk
  • Produce actionable, threat-based reports on security testing results
  • Communicate security issues to a wide variety of internal and external “customers”, including technical teams, executives, risk groups, vendors and regulators
  • Deliver the annual penetration testing schedule and conduct awareness campaigns to ensure proper budgeting by business lines for annual tests
  • Act as a source of direction, training, and guidance for less experienced staff
  • Mentor and coach other IT security staff to provide guidance and expertise in their growth
  • Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
  • Foster and maintain relationships with key stakeholders and business partners

Penetration Testing Expert Requirements / Skills / Qualifications

A Penetration Testing Expert job description should include these common skills and qualifications:

  • BSc. in Computer Information Systems, Management Information Systems or similar relevant field
  • Previous working experience as a Penetration Testing Expert for (x) year(s)
  • In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell)
  • Hands-on experience with testing frameworks such as PTES and OWASP
  • Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
  • Critical thinker and problem solver
  • Excellent organizational and time management skills

As a hiring manager, recruiting an ideal Penetration Testing Expert starts with crafting a good job description. Use this Penetration Testing Expert job description template to save yourself time and help you attract the most qualified candidates. Feel free to revise it to meet your specific needs.

Job seekers interviewing for the role of a Penetration Testing Expert may also reference it in preparation for the interview.