Cybersecurity Attack and Penetration Tester

Job Location Global Opportunity
Regular Full-Time


ERT is looking to hire a Cybersecurity Attack and Penetration Tester who will report to the Manager, Security and Risk Manager. In this role you will evaluate the security posture of ERT's applications and systems.                                                           



  • Performing and/or coordinating manual Attack and Penetration (A&P) testing, utilizing and leveraging the latest technologies in this role (i.e. –applications, mobile applications, various platforms, web services, databases, IoT, ICS, overall solutions)
  • Performing red team assessments
  • Researching new security threats, vulnerabilities and exploit techniques
  • Responding to new security threats and help implement new requirements as needed
  • Managing and maintaining security testing frameworks
  • Collaborate with the team to bolster test cases and documentation
  • Conduct security training for technical testers and development teams.
  • Makes decisions guided by policies in non-standard situations
  • Complete work accurately and within the deadlines required.
  • Provides technical guidance and oversight for technical resources
  • Work in a team environment while maintaining confidentiality of investigation information.
  • Provides mentoring to newer team members.
  • Deep knowledge of working with OWASP concepts for various solutions




Effectively collaborate and communicate with Development, DevOps, Executive Management and Lines of Business to report out security operations and infrastructure operations status and security related issues.


The duties and responsibilities listed in this job description represent the major responsibilities of the position.  Other duties and responsibilities may be assigned, as required.  ERT reserves the right to amend or change this job description to meet the needs of ERT.  This job description and any attachments do not constitute or represent a contract.




  • Bachelor’s degree, preferably in a technical field i.e. Information Systems or Computer Science.
  • Security certifications are desired but not required (CISSP, GIAC, CEH, MSCE, Security+, CSSLP).
  • Ethical Hacker Certification or Similar skills




  • At least 4 years of demonstrated manual security testing
  • 3+ years’ experience in pharmaceutical, medical device, or other regulated industry
  • Experience implementing and operating security technologies and processes in a hybrid cloud environment, such as AWS or Azure and customer premise
  • Scripting language experience – JavaScript, Ruby, Python, node.JS
  • Experience with security vulnerability and penetration tools such as Nessus, Burp Suite, Qualys, Tenable, Apktool, PowerShell, Electra, Cydia Impactor, Wireshark, ADB, and Drozer.
  • Strong understanding of IT operations and service support processes, ITILv3 certification preferred

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.