Penetration Tester

Job Summary and Missionwizlynx group, with the founding core of our company headquartered in Switzerland since 1992, is an ethical, trustworthy, and vendor agnostic global Cyber Security provider. Our vision is to be a best-in-class global Cyber Security company, enabling customers to focus on their core business by providing high-quality, value-added and innovative Cyber Security services. Responsibilities and essential job functions include, but are not limited to the following: Role ResponsibilitiesIn addition to the responsibilities described under Application Security Analyst, thefollowing penetration testing responsibilities are also included:- Plan and execute controlled penetration tests on web, mobile, and cloud applications.- Perform adversary simulation to evaluate application security from an attacker’sperspective.- Identify and exploit critical vulnerabilities, reporting findings in a clear and actionablemanner.- Generate both executive and technical reports including risk, impact, PoC, and remediationplan.- Collaborate with development teams for vulnerability retesting and fix verification.- Develop and maintain custom scripts, exploits, and tools for advanced security testing.- Participate in Red Team/Purple Team exercises, contributing with offensive tactics.- Stay current on emerging threats, exploitation techniques, and vulnerabilities.Candidate Evaluation CriteriaCandidates will be evaluated on their ability to:- Perform end-to-end penetration testing (reconnaissance, exploitation, post-exploitation,reporting).- Demonstrate expertise with tools such as Burp Suite Pro, Metasploit, OWASP ZAP, Nmap,Nessus, Kali Linux, etc.- Explain complex vulnerabilities clearly to developers and non-technical stakeholders.- Apply creativity and innovation in simulating sophisticated attack scenarios.Typical Education and Experience- Bachelor’s degree or higher in Computer Science, Information Security, or equivalentexperience.- 1+ years of professional experience in IT security engineering, software engineering, orrelated field.- 1+ years of hands-on development experience with HTML, C++, C#, JavaScript, Python,PHP, SQL, JSON, XML, etc.- Strong understanding of SSL/TLS, REST, SAML, OAuth.- Experience with tools like Confluence, Burp Suite, SAST/SCA, GitHub, ServiceNow.- Experience validating and testing vulnerabilities found in penetration tests or bug bountyprograms.- Desired certifications: OSCP, OSWE, GPEN, GXPN, CEH Practical, eWPTX, or equivalent.- Bug Bounty or CTF experience is a plus.- Working knowledge of eCommerce platforms such as Salesforce Commerce Cloud is anadvantage.- Familiarity with Agile/SCRUM and Waterfall methodologies, and enterprise SDLCprocesses.- Knowledge of web technologies (applications, services, architectures) and network/webprotocols.Language Skills·      Ability to communicate clearly and concisely, both orally and in writing, in English, as well as local language Soft SkillsTeam orientedFlexible attitude, reliable, responsible, proactive in workProfessional and friendly approach and appearanceWillingness to take on new responsibilities and learn new tools or processes