In order to enhance the capacity of the Apsys Toulouse agency, we are looking for pentest consultants. As a pentester consultant you will join the dynamic and versatile Offensive Security team at APSYS. You will work on penetration test missions in a diverse environment in terms of technologies as well as hosting solutions (on-premises, cloud, etc).
- You will perform technical security assessments of IT infrastructure and applications
- You will identify vulnerabilities as well as the technical impact and the exploitation level required.
- You will provide recommendations to help our customers to enhance their security level.
- You will present the different findings to the different hierarchical levels of the organization and provide your expertise to our customers.
- You will also be integrated into the “Offensive Security” community inside APSYS.
- Integration inside the Offensive Security Team within Product Security Business Unit.
- Perform and “lead” Pentests Mission.
- Write and review penetration test reports.
- Oral presentation of penetration tests reports to customers
- Time and motivation to have a proper capacity to maintain high skillset as well as discovering new technical areas.
Contribution to enhancement of tooling and processes of the Offensive Security team.
In addition, you will be trained on the different topics required to perform your daily activities with expertise.
- You need at least 3 years of intense pentesting activities.
- Experience in Windows and Linux pentesting
- Experience in Application (heavy, light client) pentesting
- Experience in Mobile Application pentesting
- TOP 10 OWASP knowledge is a minimum (XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, CSRF, etc).
- Pentest report writing skills.
- Pedagogy and communication skills.
- English writing and speaking is mandatory.
- Leadearship skill for penetration test.
- Team spirit is an important skill required to integrate into our team.
- Being curious and methodical is a prerequisite.
Master Degree or experience in the field of CyberSecurity or IT, Computer Science with certification related to Offensive Security (GPEN, GXPN, OSCP, OSCE,…)