Penetration Tester - Freelance - Mexico City
Job Description:
This opportunity is part of a cybersecurity labor market research project. By submitting your information, you'll not only contribute to shaping industry insights but also ensure we can match you with job and contract opportunities as they arise. Participants will receive free access to our research findings, including the next edition of Nearshore Cyber Quarterly, a comprehensive summary and analysis of the Latin American cybersecurity job market.
Esta oportunidad forma parte de un proyecto de investigación sobre el mercado laboral en ciberseguridad. Al enviar tu información, no solo contribuirás a generar valiosos conocimientos para la industria, sino que también te ayudaremos a conectar con oportunidades laborales y de contrato a medida que surjan. Los participantes recibirán acceso gratuito a los resultados de nuestra investigación, incluyendo la próxima edición de Nearshore Cyber Quarterly, un resumen y análisis completo del mercado laboral de ciberseguridad en América Latina.
Job Description:
A Penetration Tester, also known as an Ethical Hacker, is responsible for identifying and exploiting security vulnerabilities in computer systems, networks, and applications. They simulate real-world cyber attacks to evaluate an organization's security posture, helping to uncover weaknesses before malicious actors can exploit them. This role involves conducting thorough security assessments, documenting findings, and providing recommendations for improving overall security.
Skills and Experience:
- In-depth knowledge of various operating systems (Windows, Linux, macOS)
- Proficiency in network protocols and security technologies
- Strong understanding of web application security and common vulnerabilities
- Experience with penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Nmap)
- Knowledge of scripting languages (Python, Bash, PowerShell) for custom tool development
- Familiarity with cloud environments (AWS, Azure, GCP) and their security implications
- Understanding of mobile application security
- Experience with social engineering techniques
- Ability to think creatively to identify unconventional attack vectors
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills for reporting findings
- Knowledge of compliance standards and regulatory requirements
Language Requirement:
Strong English language abilities at a minimum of EFSET C1 level
Required Certifications:
- CEH (Certified Ethical Hacker)
- OSCP (Offensive Security Certified Professional)
Optional Certifications:
- GPEN (GIAC Penetration Tester)
- GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
- CompTIA PenTest+
- CREST Penetration Testing certifications
- eWPT (eLearnSecurity Web Application Penetration Tester)
Required Skills:
EN AWS Analysis Powershell Communication Skills Bash Regulatory Requirements Operating Systems Market Research Linux Security Windows Research Testing Python Engineering English Communication