HALOCK Security Labs is a full-service information security consulting firm located in Schaumburg, Illinois. Since 1996, we have provided best-in-class technical security expertise and strategic advisement with a core focus on penetration testing, malware defense, incident response, risk, and compliance services. HALOCK is growing steadily and seeking a Web Application Penetration Tester to join our growing team. All HALOCK penetration testers are subject matter experts in their field and benefit from working with a talented and experienced group in a highly interactive environment. HALOCK provides an opportunity to develop penetration testing expertise and offers early entry into an organization positioned for growth.
HALOCK offers excellent compensation and benefits packages including competitive bonus potential, training and paid certification opportunities, health, dental, 401(k), long-term disability, conference attendance, and more.
- Perform web application penetration testing using a variety of manual methods, tools, and techniques
- Exhibit extensive knowledge of industry standard web application penetration testing methods, in particular, the OWASP testing standard.
- Perform penetration testing in accordance with PCI-DSS 6.6.
- Contribute to HALOCK’s application penetration testing framework, including deliverables, custom script development, testing methods and techniques, and ongoing research
- Author detailed and articulate penetration test reports, including prescriptive recommendations for remediation options
- Three (3) years of experience in manual web application penetration testing across a variety of technologies
- Strong knowledge of web application security testing tools
- Excellent ability to troubleshoot technical issues
- Effective technical and business level writing
- Shell scripting and/or development in languages such as Python
- Ability to multi-task without compromising deadlines and assignment expectations
- Take direction from project management and work as part of a collaborative team
- Strong organizational skills, including ability to deliver with minimal supervision
- Basic project management competencies such as following process and protocol for project delivery, ability to identify project risks, project multitasking, and ability to self-manage when appropriate
- Ability to execute assessments as defined in project plans, within assigned budgets and due dates
- High motivation, integrity, and commitment to self-development
- Strong verbal communication skills
- Cross discipline experience in Network Penetration Testing
- Formal education in Information Security, Information Technology, Computer Science, Engineering or related discipline preferred
- Applicable security certifications such as GWAPT, CISSP, OSCP, CEH
- Previous application development experience
- Previous experience conducting penetration testing in a consulting capacity
- N/A: This is a remote position. No travel is required.
- All candidates invited to interview will be required to sign strict confidentiality and non-disclosure agreements.
- Full background checks are performed, with consent, on all successful candidates before employment offers can be extended.
- US citizens and Green Card holders, EAD and TN are encouraged to apply. We are unable to sponsor H1 candidates at this time.
- No 3rd parties please. Individuals only need apply
- All candidates will be required to demonstrate competency by conducting a limited web application penetration test against HALOCK’s lab environment.