Penetration Tester

Role Overview

We are seeking an Associate Penetration Tester to join our cybersecurity team. The successful candidate will play a critical role in ensuring the security and integrity of CMA CGM's IT infrastructure by identifying vulnerabilities and mitigating risks. This role offers an opportunity to grow in a dynamic and innovative environment while working on real-world challenges within the shipping and logistics sector.


Key Responsibilities

  • Conduct penetration tests on web applications, networks, systems, and cloud environments to identify vulnerabilities.
  • Perform vulnerability assessments and threat analysis to support risk mitigation.
  • Document findings with detailed reports, including risk assessments and recommendations for remediation.
  • Collaborate with IT teams to validate and ensure the timely resolution of identified vulnerabilities.
  • Participate in Red Team/Blue Team exercises to enhance overall organizational security.
  • Research and stay updated on the latest cybersecurity threats, attack vectors, and industry best practices.
  • Assist in developing and maintaining security tools, scripts, and automation to streamline testing processes.
  • Provide input to improve CMA CGM’s security policies, standards, and procedures.


Required Qualifications

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • 1–3 years of experience in penetration testing or a related cybersecurity role.
  • Proficiency in common penetration testing tools (e.g., Burp Suite, Metasploit, Nmap, Wireshark, Nessus, etc.).
  • Familiarity with security frameworks and standards (e.g., OWASP, MITRE ATT&CK, ISO 27001).
  • Solid understanding of networking protocols, web application security, and system architecture.
  • Hands-on experience with scripting languages such as Python, PowerShell, or Bash.
  • Strong analytical and problem-solving skills.
  • Excellent communication skills, with the ability to articulate technical issues to non-technical stakeholders.


Preferred Qualifications

  • Industry certifications such as CEH, OSCP, eCPPT, or CompTIA Pentest+.
  • Experience with cloud security (AWS, Azure, GCP).
  • Knowledge of secure coding practices and DevSecOps principles.
  • Understanding of regulatory requirements such as GDPR or ISO 27001 compliance.

Post date: Today
Publisher: LinkedIn
Post date: Today
Publisher: LinkedIn