**Introduction** In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. **Your role and responsibilities** The CISO Cybersecurity Operations team is looking to add a penetration tester to the team. This role is highly technical, and candidates must possess a solid understanding of information security, preferably with a strong computer science background. Pen-testers/red teamers must understand applications, networking and various operating systems, along with tools and frameworks, and they must maintain a high level of rigor to stay up-to-date with advancements in technology while also retaining knowledge of older systems and applications that may still be in use in the enterprise. Penetration-testers/red teamers must constantly search for system and application weaknesses to exploit, but they are also expected to maintain a level of professionalism at all times. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy, such as purple teaming, to enhance skillsets for both red and blue team members. While some automated tools will be leveraged, the penetration-tester/red teamer must realize this is not solely a point-and-click role, but requires hands-on expertise with a variety tools to simulate attacker tactics, techniques and procedures (TTPs). When performing red team exercises, the penetration-tester/red teamer must strive to avoid detection. In addition to stealthy engagements, however, penetration-testers/red teamers must also participate in visible and announced assessments for new and existing services, infrastructure and applications to help the team identify weaknesses before an attacker does **Required technical and professional expertise** Minimum required certification: OSCP or equivalent e.g., Offensive Security Web Expert (OSWE) and Offensive Security Web Assessor (OSWA)) • Minimum of 3 preferably 5 years of "hands on" Penetration Testing Experience with operating systems, web applications and network infrastructure. • Minimum of 3 preferably 5 years experience with using Penetration Testing Tools. e.g., NMap, Nessus, Metasploit, BurpSuite, Nito, Tcpdump. • Administrator level knowledge of Server Operating Systems specifically Unix and Windows to test infrastructure. Well versed in Kali Linux. • Ability to test web technologies e.g., web applications, containers, container managers. • Sufficient technical knowledge of TCP/IP Networking/Routing, Intranet / Internet Architectures and Segregation Technologies/VLANs, Firewalls, Intrusion Detection, Intrusion Prevention, SQL Databases • Programming ability to create, read and modify exploit code to achieve system penetration. C, C++, Java, C#, scripting knowledge is an asset. • Ability to clearly present the penetration testing results including recommendations to fix. **Preferred technical and professional experience** Preferably a bachelor’s degree in computer science or related field