External Penetration Tester
Do you view a roadblock as the end of a project or are you excited by the opportunity to troubleshoot and get creative? Do you have extensive knowledge of networking, computer systems and how internal infrastructure is set up? Do you have experience with Penetration Testing?
Look no further because this is the role for you! IT Security is our business and at Digital Boundary Group we have an exciting, challenging and collaborative environment where you will have the opportunity to work with customers in every sector to find exploitable holes in their operations and provide your advice on improving their security posture.
We have an amazing group of bright, talented and experienced people who are driven to learn and grow. We provide flexible working hours, health and dental benefits, retirement savings plans, vacation time and paid continuous learning opportunities. We also share the company’s profits with the team! Digital Boundary Group gives back to the community through both donations and volunteering and takes steps to support environmental improvements at our organization.
Don't take my word for it, hear it straight from the tech team...
Why our Team likes working here:
- Focus on purely red team activities
- DBG is vendor-agnostic and does not sell remediation services or security controls. This eliminates conflicts of interest but also ensures you are mainly focused on the exciting part of infosec: hacking in and telling clients how you did it. We provide clients with general information on remediation strategies for each finding, but never do implementation.
- Think like a hacker
- Our goal is to simulate sophisticated real-world attacks and our customers understand this.
- Our external penetration test product allows testers to execute hacking techniques in real-world scenarios and to discover unique and interesting vulnerabilities. No two tests are ever quite the same. If we can achieve the ultimate goal, Domain Admin, we get to ring the gong which sounds throughout the office and show off our prowess.
- While we do maintain a standard methodology for consistency and quality, testers are encouraged to think outside the box when working on challenging engagements. Spear phishing and social engineering over the phone are not off the table.
- Supportive Learning
- There are many talented individuals working at DBG. A lot of us are ex-sysadmins and developers and we are always available face-to-face or via team chat to answer questions or jump in on a test if you’re stumped.
- Our methodology is well-documented and updated regularly.
- If we find something no longer works as well as it used to, you may be tasked with testing out new tools and techniques to evaluate, document and add to our formal methodology.
External Penetration Tester
What you’ll be doing:
- Performing internal and external penetration tests
- Performing vulnerability scans
- Assisting in the development of in-house testing tools and processes
- Writing client reports with your findings and recommendations
- Researching and learning about information security trends, new testing techniques and best practices, and sharing findings with the team
As a member of the External Testing team your initial focus would be on performing external penetration tests, however as you gain experience there may also be opportunities for participating in other things like on-site covert physical assessments, either by sneaking into physical locations for our clients or catching shells from dropboxes at HQ at times as well.
Knowledge and skills you need to do it:
- Experience with commercial and open source tools such as Metasploit, Canvas, Core Impact, Nmap, Kali Linux and Nessus
- Knowledge of operating systems such as Windows Server, Windows 7/8/10, and Linux
- Working knowledge of network devices such as firewalls, routers, and switches
- Experience writing scripts in PowerShell, Python, etc.
- Ability to work independently and within a team
- Attention to detail
- Troubleshooting skills
- Demonstrated report writing capabilities and strong communication skills
- Fluent in English; Experience in a second language is considered an asset
Additional experience considered an asset:
- Certifications such as GSEC, GPEN and OSCP
- Practicing penetration testing skills on sites such as Hack the Box
Education and Experience:
- Diploma or Degree in computer programming, computer science, computer engineering, cybersecurity or related field, or equivalent training and professional experience
- Relevant IT experience such as help desk, customer service, troubleshooting, networking, system administration, cybersecurity operations (1-2 years of working experience preferred)
- Due to the nature of the business satisfactory completion of pre-employment checks are required
How to Apply:
If this sounds like the right opportunity for you, apply now! Be sure to include a resume and cover letter and tell us why you are the person we’ve been looking for!
Digital Boundary Group is an equal opportunity employer. We are committed to providing accommodation to applicants with disabilities. Please let Human Resources know if you require accommodation during the recruitment process.