Penetration Tester at Moniepoint Inc.

About the Role

• We are looking for a skilled and highly motivated Penetration Tester to join our Information Security team.
• The Penetration Tester will be responsible for identifying and exploiting vulnerabilities in our systems, networks, and applications to enhance the organization's security posture.
• The ideal candidate will have a strong technical background in ethical hacking, vulnerability assessment, and security testing methodologies

Key Responsibilities
Vulnerability Assessment and Exploitation:

• Conduct comprehensive offensive penetration testing on network infrastructure, web applications, mobile applications, and other digital assets.
• Identify, analyze, and exploit security vulnerabilities using advanced tools and techniques.
• Perform manual testing to complement automated tools and identify complex vulnerabilities.

Reporting and Documentation:

• Document findings in detailed, clear, and concise penetration testing reports. 
• Provide actionable recommendations to mitigate identified vulnerabilities 
• Communicate findings and recommendations to technical and non-technical stakeholders

Security Tools and Methodologies:

• Utilize a variety of penetration testing tools such as Burp Suite, Metasploit, Nessus, Nmap, and others.
• Develop custom scripts and tools to assist in testing efforts.
• Stay updated on the latest security vulnerabilities, tools, and methodologies.

Collaboration and Support:

• Work closely with the security operations, development, and IT teams to address security issues..
• Participate in red team/blue team exercises to improve overall security posture..
• Provide support and guidance to junior penetration testers and security analysts 

Compliance and Standards:

• Ensure penetration testing activities comply with relevant regulations and standards such as PCI-DSS, ISO 27001, etc.
• Contribute to the development and maintenance of security policies and procedures

Skills and Qualifications

• A Bachelor's degree in Computer Science, Information Security, Computer Engineering ora  related degree
• Possesses relevant certifications, such as OSCP, CEH, GPEN, or CISSP, is required.
• Minimum of 3 years of experience in penetration testing, ethical hacking, or a related field 
• Proven track record of identifying and exploiting vulnerabilities in diverse environments.
• In-depth knowledge of network and application security principles.
• Proficiency with penetration testing tools and methodologies.
• Strong understanding of common vulnerabilities and exploitation techniques.
• Experience with scripting and programming languages such as Python, Ruby, Bash, or PowerShell
• Excellent analytical and problem-solving skills
• Strong communication and reporting skills.
• Ability to work independently and as part of a team.