Penetration Tester/Ethical Hacker/Offensive Security Consultant
hace 4 semanas
Job Summary and Mission Wizlynx Group, with the founding core of our company headquartered in Switzerland since 1992, is an ethical, trustworthy, and vendor-agnostic global Cyber Security provider. Our vision is to be a best-in-class global Cyber Security company, enabling customers to focus on their core business by providing high-quality, value-added, and innovative Cyber Security services. This position is offered under a hybrid work model , requiring a maximum of 4 on-site days per month at our offices located in the south of Mexico City (CDMX) . The selected candidate will be exclusively assigned to one of our strategic clients , focusing 100% on supporting and securing their environment. Role Responsibilities In addition to the responsibilities described under Application Security Analyst, the following penetration testing responsibilities are also included: Plan and execute controlled penetration tests on web, mobile, and cloud applications. Perform adversary simulations to evaluate application security from an attacker's perspective. Identify and exploit critical vulnerabilities, reporting findings in a clear and actionable manner. Generate both executive and technical reports including risk, impact, PoC, and remediation plans. Collaborate with development teams for vulnerability retesting and fix verification. Develop and maintain custom scripts, exploits, and tools for advanced security testing. Participate in Red Team/Purple Team exercises, contributing with offensive tactics. Stay current on emerging threats, exploitation techniques, and vulnerabilities. Candidate Evaluation Criteria Candidates will be evaluated on their ability to: Perform end-to-end penetration testing (reconnaissance, exploitation, post-exploitation, reporting). Demonstrate expertise with tools such as Burp Suite Pro, Metasploit, OWASP ZAP, Nmap, Nessus, Kali Linux, etc. Explain complex vulnerabilities clearly to developers and non-technical stakeholders. Apply creativity and innovation in simulating sophisticated attack scenarios. Typical Education and Experience Bachelor's degree or higher in Computer Science, Information Security, or equivalent experience. 1+ years of professional experience in IT security engineering, software engineering, or related field. 1+ years of hands-on development experience with HTML, C++, C#, JavaScript, Python, PHP, SQL, JSON, XML, etc. Strong understanding of SSL/TLS, REST, SAML, OAuth. Experience with tools like Confluence, Burp Suite, SAST/SCA, GitHub, ServiceNow. Experience validating and testing vulnerabilities found in penetration tests or bug bounty programs. Desired certifications: OSCP, OSWE, GPEN, GXPN, CEH Practical, eWPTX, or equivalent. Bug Bounty or CTF experience is a plus. Working knowledge of eCommerce platforms such as Salesforce Commerce Cloud is an advantage. Familiarity with Agile/SCRUM and Waterfall methodologies, and enterprise SDLC processes. Knowledge of web technologies (applications, services, architectures) and network/web protocols. Language Skills Advanced spoken and written English is strictly required , as the role involves direct interaction with international teams and client stakeholders. Ability to communicate clearly and concisely, both orally and in writing, in English as well as in the local language. Soft Skills Team oriented Flexible attitude, reliable, responsible, and proactive Professional and friendly approach and appearance Willingness to take on new responsibilities and learn new tools or processes
-
Senior Associate, Pentester
hace 4 días
Juárez, Juárez, Chih., México KTSA - KPMG Technology Services Americas A tiempo completoAbout KTSA We are KTSA – KPMG Technology Services Americas. A Service Delivery Center of KPMG US, with offices in Mexico City, Guadalajara, and a growing network of remote talent across the country. We deliver high-value technology, consulting, and corporate support services to KPMG US and its clients. Excel by creating impact and leaving your mark on...
-
Senior Product Security Engineer
hace 2 semanas
Juárez, México Thomson Reuters A tiempo completoAs a Senior Product Security Engineer, you will join our team of talented professionals dedicated to embedding continuous and seamless security into our engineering processes. You will contribute to the development and implementation of our Secure Software Development Lifecycle (S-SDLC), working across multiple technical teams to enhance our security...
-
Senior Security Engineer, Application Security
hace 2 semanas
Juárez, Chihuahua, México GitLab A tiempo completoGitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating human progress. Our...
-
Business Development Manager
hace 2 semanas
Juárez, Juárez, Chih., México Dahua Technology México A tiempo completoBusiness Development Manager Sr. The ideal candidate will lead initiatives to generate and engage with business partners to build new business for the company. Business Development: Generate opportunities through networking and partnerships with manufacturers or technology allies. Design market penetration strategies for specific verticals. Lead contract...
-
Security Specialist
hace 1 semana
Ciudad Juárez, México Flex LTD A tiempo completoFlex is the diversified manufacturing partner of choice that helps market-leading brands design, build and deliver innovative products that improve the world. We believe in the power of diversity and inclusion and cultivate a workplace culture of belonging that views uniqueness as a competitive edge and builds a community that enables our people to push the...
-
Security Specialist
hace 6 días
Ciudad Juárez, México Flex LTD A tiempo completoFlex is the diversified manufacturing partner of choice that helps market-leading brands design, build and deliver innovative products that improve the world.We believe in the power of diversity and inclusion and cultivate a workplace culture of belonging that views uniqueness as a competitive edge and builds a community that enables our people to push the...
-
Infraestructure Consultant
hace 7 días
Juárez, Juárez, Chih., México One eSecurity A tiempo completoDigital Forensics and Incident Response is not just our vocation but also our passion. Our core values are at the heart and soul of everything we do: Excellence – In our ability and our achievements. Passion – Inspired and driven to make a positive impact. Innovation – Not only to do a job well but to create new, fresh and efficient ways to do things...
-
Cybersecurity Risk and Compliance Specialist
hace 2 semanas
Juárez, Juárez, Chih., México Deloitte A tiempo completoAs an experienced Cyber Risk & Compliance Associate , you will have the ability to share new ideas and collaborate on projects as a consultant without the extensive demands of travel. Deloitte Americas Delivery Mexico is a member of the Global Delivery Network which has presence across the world with Delivery centers in the United States, Romania, India,...
-
Operations & Management Consultant
hace 3 semanas
Naucalpan de Juárez, México P3 Group A tiempo completo**Vacante para la empresa P3 GROUP en Satelite -Naucalpan de Juárez, Estado de México**:Seeking for an**:Operations & Management Consultant **_for our plant in _**Naucalpan, Mexico**P3 is an international company, offering consulting and engineering services, as well as software development for numerous customers.Since its founding in **** in Aachen,...
-
Staff Security Operations Engineer
hace 6 días
Ciudad Juárez, México Canonical A tiempo completoJoin to apply for the Staff Security Operations Engineer role at Canonical. We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions – at the high end we are looking for deep experience defending highly contested critical assets...
