Core values
* Customer‐first mentality. Great communicator with clients, project managers, teammates. Rapid responses and on time.
* Deliver work with pride; your work is a signature of excellence.
* Dig deeper into every finding. Doesn't stop until impact is proven.
* Comfortable with discomfort. Pursues obstacles, not avoids them. Consulting demands adaptation to rapidly changing environments.
* Always learning. Cybersecurity changes daily; stay current or be willing to improve.
* Self‐motivated and dependable.
* Humble. No egos at Packetlabs.
Education and experience
* Experienced developer/application security tester.
* Solid working knowledge of programming languages: C, C#, Python, Objective‐C, Java, JavaScript, SQL; frameworks like AngularJS.
* Familiarity with web services and data exchange formats: XML, JSON, SOAP, REST, AJAX.
* Understanding of AI/LLM weaknesses and flaws in applications.
* Extensive experience with an attack proxy (e.g., Burp Suite).
* Preferred 3‐5 years of penetration testing and consulting.
* Graduate of a post‐secondary college or university.
* At least two years of information‐security related tasks.
* Professional qualifications: OSCP, OSWE, BSCP; OSCP or Burp mandatory.
What you'll be doing
* Perform penetration testing of web applications, mobile applications, thick clients, and APIs.
* Conduct source code review and white‐box penetration testing to demonstrate the impact of application flaws.
* Reverse engineer mobile and thick client applications.
* Chain application flaws to other areas such as cloud and on‐prem Active Directory, subject to manager's discretion.
* Develop detailed reports on findings and remediations; present at both technical and executive levels.
* Perform SAST and DAST on enterprise, SaaS, and custom in‐house applications.
* Use scanners and validate/ eliminate false positives.
* Apply and go beyond OWASP Web, API, Mobile, and AI/LLM frameworks.
#J-18808-Ljbffr