Penetration Testers

What does a professional in this career do?

In this job you will...

• Assess the physical security of servers, systems, or network devices to identify vulnerability to temperature, vandalism, or natural disasters.
• Collect stakeholder data to evaluate risk and to develop mitigation strategies.
• Conduct network and security system audits, using established criteria.
• Configure information systems to incorporate principles of least functionality and least access.
• Design security solutions to address known device vulnerabilities.
• Develop and execute tests that simulate the techniques of known cyber threat actors.
• Develop infiltration tests that exploit device vulnerabilities.
• Develop presentations on threat intelligence.
• Develop security penetration testing processes, such as wireless, data networks, and telecommunication security tests.
• Discuss security solutions with information technology teams or management.
• Document penetration test findings.
• Evaluate vulnerability assessments of local computing environments, networks, infrastructures, or enclave boundaries.
• Gather cyber intelligence to identify vulnerabilities.
• Identify new threat tactics, techniques, or procedures used by cyber threat actors.
• Identify security system weaknesses, using penetration tests.
• Investigate security incidents, using computer forensics, network forensics, root cause analysis, or malware analysis.
• Keep up with new penetration testing tools and methods.
• Maintain up-to-date knowledge of hacking trends.
• Prepare and submit reports describing the results of security fixes.
• Test the security of systems by attempting to gain access to networks, Web-based applications, or computers.
• Update corporate policies to improve cyber security.
• Write audit reports to communicate technical and procedural findings and recommend solutions.