Penetration Tester

Company Description

Since 1998, Lostar is the leading Information Security firm, with more than 1000 projects.
 

Its main services are; Information Security Checkups such as Internet-Intranet Penetration Tests, Gap Analysis of world wide best practices like COBIT, ISO 27001, ISO 22301 and ISO 20000, related consultancy and data protection projects and also Employee Security Awareness Methodology trainings.
 

Lostar consultants, who are well trained and experienced, create the optimal-cost solutions for their customers with paying attention to technical and commercial needs.
 

Roots in Turkey, Lostar has 3 offices in 3 different cities such as Istanbul, London and Sakarya.

We work with the best to create the best service and value for our clients.

For latest news and updates please follow us on:

• Linkedin: Lostar
• Instagram: LostarInfoSec
• Twitter (TR): Lostar
• Twitter (EN): Lostar_EN
• YouTube: LostarTV
• Facebook: Lostar
• Facebook (Jobs): LostarKariyer

and visit our web sites:

• English: https://lostar.com
• Turkish: https://lostar.com.tr

Job Description

We are seeking a skilled and experienced Penetration Tester to join our cybersecurity team. The successful candidate will be responsible for conducting comprehensive security assessments, including web application penetration testing, internal penetration testing, Active Directory testing, MITRE ATT&CK simulations, and vulnerability scanning. This role requires a deep understanding of network concepts and protocols, network security methodologies, and the latest Red Team tactics and strategies.

Location: Preferably based in Istanbul.

Flexibility: Primarily remote work, with the requirement to attend on-site as needed.

Qualifications

• At least 2 years of experience in penetration testing.
• Proficiency in internal penetration testing and exploit development.
• Strong understanding of network concepts and protocols, along with network security methodologies.
• Up-to-date knowledge and experience in Red Team activities.
• Minimum requirement of graduation from a higher education institution (yüksek okul).
• OSCP,OSEP,GPEN (Holding any of these certifications will be considered a significant asset and indicative of a candidate's practical skills and dedication to the field of cybersecurity.).

Additional Information

Key Responsibilities:

• Vulnerability Scanning: Conduct comprehensive vulnerability scans on the internal and external networks of assigned member firms, identifying and reporting potential risks.
• Web Application Penetration Testing.
• Risk Identification: Effectively identify and document relevant risks associated with vulnerabilities found during scans.
• Red Team Activities: Participate in Red Team exercises and projects.
• Ad Hoc Tasks: Perform additional tasks based on specific requests, demonstrating flexibility and adaptability to meet changing needs.