Your role and responsibilities:
As a Penetration Tester at IBM, you will play a critical role in helping clients strengthen their cybersecurity defenses through comprehensive vulnerability assessments and ethical hacking techniques. Your responsibilities will include:
Conducting Penetration Tests: Perform thorough and systematic penetration testing on applications, networks, and infrastructure to identify security vulnerabilities.
Security Assessments: Identify weaknesses in security policies, procedures, and technologies by simulating real-world attacks.
Report Writing: Document findings clearly and concisely, providing actionable remediation advice for security gaps and risks.
Collaboration and Consultation: Work alongside internal teams and client security staff to ensure remediation efforts are properly prioritized and executed.
Vulnerability Analysis: Analyze test results, identify root causes, and assist clients in creating practical solutions to mitigate risks.
Staying Current: Continuously research and stay updated on the latest security trends, attack vectors, tools, and techniques.
Required education:
Bachelor's Degree
Preferred education
Bachelor's Degree
Required technical and professional expertise
Skills and Expertise
Technical Knowledge: Proficient in penetration testing methodologies (OWASP, NIST, PTES), network security protocols, and a deep understanding of web application security and network vulnerabilities.
Required Professional and Technical Expertise:
Tools Expertise: Familiar with penetration testing tools such as Burp Suite, Metasploit, Nessus, Nmap, Wireshark, and others.
Programming & Scripting Skills: Experience with scripting languages (e.g., Python, Bash, PowerShell, or Ruby) to automate tasks or develop custom exploits.
Experience in Exploit Development: Ability to identify and exploit vulnerabilities across different platforms and services (e.g., Windows, Linux, macOS, Web Applications, Cloud, etc.).
Risk Management: Ability to prioritize vulnerabilities based on risk to business operations and present findings to technical and non-technical stakeholders.
Certifications: Industry-recognized certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable.
Communication Skills: Strong written and verbal communication skills to clearly articulate technical issues and findings to diverse audiences, including executives, IT teams, and developers.
Required Qualifications:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or equivalent work experience.
3+ years of professional experience in penetration testing, ethical hacking, or cybersecurity assessments.
Hands-on experience with different attack techniques, threat modeling, and vulnerability assessment tools.
Preferred Professional and Technical Expertise:
Preferred technical and professional experience
Preferred Qualifications
Master’s degree in Cybersecurity or a related field.
Expertise in securing cloud environments (AWS, Azure, GCP) and containerized applications.
Familiarity with DevSecOps principles and integration of security testing in CI/CD pipelines.
Experience with incident response and forensic investigations.
Required EducationBachelor's DegreePreferred EducationMaster's Degree
You will be redirected to the company website to apply for this position