Penetration Tester

As a TEAMMATE:

We are looking for a talented Penetration Tester who likes to break software and embedded devices.

Natus Sensory Division needs a qualified Penetration Tester to join our team As our penetration tester, you will be responsible for conducting regular audits and inspections in order to make sure our systems are secure. You will be required to configure information systems as well as design and create new systems in order to fix known vulnerabilities. The ideal candidate will have previous experience in the IT Security field, as well as previous experience in a position as a penetration tester. You may also be required to assist other IT Security employees with tasks and present information to the correct supervisors when requested. If this position sounds of interest to you, please don't hesitate to apply We would love to have you on our team.

The Penetration Tester will provide broad and in-depth knowledge to conduct cyber operations across the organization globally. In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques.

Here's what you can expect:

Location: Remote

Main Responsibilities :

• Conduct formal testing on computer systems
• Assess the security of computer software and hardware
• Conduct security audits and legal cyberattack simulations by designing and utilizing hacking tools to access designated pieces of data during a predetermined time frame
• Generate tools for breaking into security systems
• Detect and correct system weaknesses
• Provide recommendations based on an assessment of hardware and software systems
• Implement solutions to enhance data security
• Travel: Up to 10% domestic or international travel on an as needed basis, such as to visit a Natus or customer site for complex investigations

What we are looking for:

• Bachelor's degree in Computer Science or related technical field, with minimum 5+ years of penetration testing related experience
• CPT or CEH certification is desirable but not required
• Experience with medical device industry or other heavily regulated industry
• Ability to identify and exploit web vulnerabilities (XSS, CSRF, SQLi, SSRF, arbitrary file upload, etc.)
• Ability to identify and exploit mobile and desktop vulnerabilities (API issues, insecure storage, memory corruption, deep links, etc.)
• Clear communication skills and English fluency in speaking and writing
• Team player in a globally diverse environment
• Web application penetration testing
• Mobile application penetration testing
• Source code vulnerability analysis
• Robust creativity and analytical problem-solving skills
• Deep knowledge of at least one programming language (C#, Python, Go, Java, PowerShell, etc.)
• Knowledge of technical systems and terminology
• Proficiency in scripting languages

Additional skills:

• Network penetration testing experience with advanced knowledge of Linux and/or Windows OS and experience in supporting and installing multiple software products
• Protocol analysis
• CTF experience
• Secure coding practices
• Cryptography
• Reading and writing assembly (x86 and ARM)
• Binary analysis tools and debuggers (IDA Pro, Ghidra, WinDbg, etc.)
• Exploit Development
• Embedded systems experience
• Physical security or red team experience
• Strong knowledge of information security best practices, standards, guidelines, and frameworks, including NIST 800-53, NIST RMF, and NIST CSF. Strongly preferred: FDA Pre-market and Post-market Guidance for Cybersecurity in Medical Devices, the HIPPA Security Rule, HSCC Joint Security Plan, AAMI TIR57, ISO/IEC 27000 family

We offer

• The role is a work-from-home remote position.
• Minimal travelling: less than 5%
• Collaborative and international environment with different cultures.
• English company language.

EEO Statement

Natus Sensory is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, veteran status, disability, sexual orientation, gender identity, or any other protected status.