Penetration Tester Ii

**Summary**
- You are a highly motivated, bright, dynamic and adaptable individual contributor that thrives in an innovative, performance-oriented environment. Continual learning is everything and you want to be a key contributor in a team full of diverse, experienced technology and business professionals. Deep down you have a passion for life, embrace change and thrive in a creative environment. You understand what motivates customers and team members alike and you find solutions to their problems that are economic, strategic and elegant. How would others that you have worked with describe you? Is this you?

Joining the team gives you the opportunity to: work on a disruptive company that’s still in its very early stages, solving challenging problems as it seeks to become the next generation managed security service provider. You’ll work for a hyper-growth company that is focused on delivering the highest quality product in the market where your work has direct impact on customers every day.

**Purpose**

Armor was born with a simple mission and that’s to protect you from the threats whilst preparing you for the worst. The cyber threats are vast and continue to advance in their techniques and motivations to take your data, extort your company or just cause you harm. We meet with many organizations who have chosen to defend themselves by purchasing tools and hoping they are effective against threats. At Armor, we start with a strategic risk-based approach and spend the appropriate energy and resources against the biggest risk part of your organization. Additionally, our managed SecOps solution ensures you understand your risk and compliance posture continuously.

We fully understand that no matter how much cybersecurity defense is in front of your data - a breach can occur. Armor is extremely effective at reducing the likelihood for an incident but as alerts and incidents do happen, we have the proper capabilities to limit its impact, so it doesn’t become a breach. This is achieved with our fully integrated platform, smart queries / rulesets and uses of ML, and team which is obsessed with your protection.

As the Security Analyst - Pen Tester, you are expected to lead and execute security engagements with customers to conduct Vulnerability and Penetration Testing, other related consulting work. You will work closely with the sales teams and support their efforts in pursuing opportunities and providing necessary pre-sales support based on your superior and comprehensive understanding of the cybersecurity threat landscape and potential solutions to mitigate them. You will also work closely with other members of the delivery and execution teams in not only delivering services but also in formulating new offerings based on market needs.

**Essential Duties and Responsibilities**
- Design and create new penetration tools and tests
- Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
- Participate and lead red teaming, fuzzing, source code review and reverse engineering.
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
- Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
- Review and define requirements for information security solutions
- Work on
- improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
- ensuring technical aspects and business processes are aligned
- Define and enable specific action plans to attain and maintain compliance to minimum requirements, security standards and project specific requirements.
- Research, document, present and discuss security findings with management and IT teams.
- Work closely with Sales in design and architecting of comprehensive security solutions for customers.
- Participate in customer facing discussions and workshops to explain solutions, and approaches to addressing customer risk and security challenges.
- Additional duties may be assigned as required

**Must Have Requirements**
- ** Cat 1 security clearance (Singaporean)**:

- CREST or OSCE Certifications
- At least 2 years full-time experience conducting the following types of penetration tests:

- Servers and clients (Windows and Linux)
- Experience using Kali Linux
- Familiar with penetration testing tools and frameworks, such as:

- Nessus
- Burp Suite
- NMAP
- Metasploit
- Fortify
- AppScan
- Experience performing digital forensic investigations (including maintaining integrity and chain-of-custody of evidence)
- Familiar with AWS, Azure, and/or GCP
- Familiar with the OSI model and attack vectors at each layer
- Familiar with cryptographic principles
- Good team player, with excellent verbal and written communication skills.
- Ability to take ownership of an initiative/issue through completion

**Nic