Penetration Tester

**Why Kyndryl**

Kyndryl is a market leader that thinks and acts like a start-up. We design, build, manage, and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl?

We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers, and our communities. We invest heavily in you - not only through learning, training, and career development, but also through the flexible working practices and stellar benefits that help you grow and progress long-term. And we give back - from planting 90,000 trees in our first 3 months as part of our One Tree Planted initiative to the Corporate Social Responsibility and Environment, Social and Governance practices embedded within everything we do, we are committed to powering human progress in an ethical, sustainable way.

**Your Role and Responsibilities**

Includes professionals who are capable of breaching security systems.
Have a significant mathematical, coding, and analytic background.
Try to hack into the networks to access information without authorization to identify weaknesses in the security systems that are in place and help establish how to improve enterprise information security.
In essence, ethical hackers assess the IT security risk of an organization. Evaluate system security configurations. Evaluate findings and perform root cause analysis. Perform inspection of complex software systems to identify both functionality and intent of software systems. Contribute to designing, developing and implementing countermeasures, system integration, and tools specific to Cyber and Information Operations. Prepare and present technical reports and briefings to Technical and Executive teams. Performs documentation, vetting and weaponization of identified vulnerabilities through reverse engineering for operational use as proof of concept. Ensure that the computer systems they work with are safe and cannot be accessed without authorization.
Need to be aware of new software and hardware that can improve computer security since they play a crucial role in deciding on the security needs of their employer or clients. Produce reports detailing their attempts and the conclusions they've reached about the effectiveness of the security systems in place.
Responsible for the entire lifecycle of these client engagements starting from analyzing the client's business and security environment, conducting an in-depth review of problem areas, developing proposals for clients to address these areas incorporating elements of overall Kyndryl Security strategy, pitching the proposals to the client and cascading information to the other teams on recommended countermeasures.

**Required Technical and Professional Expertise**
- 3 to 5 years experience in the field of infrastructure security.
- Experience in both infrastructure and web pentesting.
- Experience in internal and external pentesting.
- Knowledge of wifi and IoT pentesting.
- Experience working with Mitre ATT&CK TTP.
- Ability to program scripting and web (Bash and Python).
- Experience or knowledge in social engineering exercises.
- Experience in network team exercises.
- Experience in AV/EDR evasion.
- Experience in documentation and report generation.
- Presentation of results and their defense.
- Proficiency in *NIX-type Operating Systems.

**Preferred Technical and Professional Experience**
- Experience in Windows operating systems.
- Knowledge of mobile audits (Android, IOS).
- Knowledge of malware investigation and/or reverse.
- Experience working with OWASP or CyberKillChain.
- Programming skills in C or C++.
- Programming skills in any of the following: HTML, CSS, Javascript, PHP, Perl.
- Advanced knowledge of security configurations or administration of any of the following: AWS, Azure, GCP.
- Proactivity.
- Ability to simulate real attacks.
- Great imagination.
- Reasoning skills.
- Lateral thinking.
- Problem-solving skills.

**Required Education**

None

**Preferred Education**

Technical Diploma

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks (KINs) are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

**Other things to know**

**Primary Job Category**

Consultant

**Role (Job Role)**

Security Penetration Tester

**Employment Type**

Full-Time

**Contract Type**

Regular

**Position Type**

Professional

**Travel Required**

Some travel may be required based