Penetration Tester IV performs penetration testing to assess and identify security vulnerabilities of networks, applications, and systems. Conducts manual and automated penetration tests including black-box, gray-box, and white-box. Being a Penetration Tester IV evaluates findings and performs root cause analysis to identify weaknesses, misconfigurations, or other flaws in the environment that could lead to security compromises. Documents testing results and presents suggestions for the development of countermeasures, security improvements, and mitigation strategies. Additionally, Penetration Tester IV utilizes a variety of assessment tools, such as Nmap, BurpSuite, Kali Linux and scripting languages like Bash, Python, Perl, or Ruby. Familiar with red team testing protocols and cybersecurity frameworks like OWASP, OSSTMM and PTES. Stays up to date with the latest security threats, techniques, and tools to continuously improve penetration testing methodologies. Typically requires a bachelor's degree in computer science. May require GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), and/or Offensive Security Certified Professional (OSCP) certificate. Typically reports to a manager. The Penetration Tester IV work is highly independent. May assume a team lead role for the work group. A specialist on complex technical and business matters. To be a Penetration Tester IV typically requires 7+ years of related experience.
Find out Job Distribution by:Years of Experience
Education Level
Company Size
Industry