As a Penetration Tester, you will participate in a variety of engagements, focusing on targets that may include network equipment, servers, applications, mobile devices, and other information systems. Using a variety of tools and techniques that may include red teaming and social engineering, you will have the opportunity to combine technical expertise with your imagination to discover innovative methods with the goal of ensuring that our client remains one step ahead of its adversaries.
- Bachelor degree in Information Technology/Computer Science, or related disciplines and/or equivalent work experience.
- Approximately 3-5 years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols.
- Demonstrated ability to work on multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment.
- Information Security consulting experience, providing subject-matter expertise on a range of information security topics.
- Hands-on experience with commercial and open-source network and application security testing tools.
- Experience testing web applications for common web application security vulnerabilities as defined by OWASP including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues.
- Excellent analytical skills.
- Excellent interpersonal, communication, organizational, and project management skills.
- Team player with excellent consultative skills, and the proven ability to work effectively with client, internal management and staff, vendors and consultants.
- Strong written and verbal communications skills.
- Proven ability to communicate technical issues to technical and non-technical business area representatives.
- Penetration Testing – Web Applications, Operating Systems, Network Equipment, Wireless, Mobile, Databases
- Programming – Python, Perl, Java, Shell Scripting
- Tools – Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)
- Operating Systems – Windows/*NIX
- Communications Skills
- Passion for learning
- Passion for technology and security
Additional Desired Qualifications
- NIST 800-37
- NIST 800-30
- Hardware Hacking
- Exploit Development
Bachelor degree in Information Technology/Computer Science, or related disciplines and/or equivalent work experience;
|Job Category||Security Officer|