Key skills
CloudFirewallsLinuxPythonPowerShellActive DirectoryTime ManagementPenetration Testing
About this role
Role Overview
- Perform penetration testing of company owned application, networks, and systems
- Perform web application and cloud discovery, enumeration, and exploitation
- Assist in red team operations and adversary emulation exercises
- Assess and communicate the operational risks of exploitation
- Create testing plans and methods to find and confirm vulnerabilities
- Scope and assess the time needed to complete operational testing tasks
- Modify and adapt public exploit code and tools to meet operational requirements
- Utilize and develop automation where possible to save time and gain efficiency
- Serve as a subject matter expert to the organization for offensive security topics
- Provide expertise to security operations, threat intelligence, and forensics, as needed
- Work independently and troubleshoot technical and business process-related issues
- Experience supporting a variety of different offensive engagements for a large enterprise
- Ability to present complex topics, simply, to varying levels of the organization.
Requirements
- Bachelor's degree in Computer Science, Information Security or other related field preferred or 3+ years’ required experience in related field
- 3+ years of combined IT and security work experience with exposure to systems analysis, application development, database design and computer/network administration
- Minimum 2+ years experience in Information Security required
- OSCP, CRTO, GPEN or other penetration testing or red team certification(s) preferred
- Basic experience using penetration testing security tooling, such as Kali Linux
- Basic experience using Burp suite or similar web application hacking tools
- Basic experience using command and control frameworks such as Cobalt Strike
- Basic experience with programming/scripting languages: e.g. Python, PowerShell
- Basic experience bypassing controls such as antivirus or web application firewalls
- Basic knowledge of networking concepts protocols and encryption
- Basic knowledge of Active Directory discovery, enumeration, and exploit methods
- Basic knowledge of application security best practices and tools
- Basic knowledge of operating system best practices and tools
- Excellent time management and ability to track and deliver on commitments
- Excellent adaptability and ability to learn complex technical skills quickly
- Excellent written and verbal skills.
Tech Stack
- Cloud
- Firewalls
- Linux
- Python
Benefits
- group health insurance benefits (medical, vision, dental)
- FSA and HSA healthcare accounts
- life and accident insurance
- adoption and fertility assistance
- paid parental leave of up to 6 weeks
- short/long term disability
- paid time off for vacation, personal needs, and sick time
- up to 11 paid holidays per calendar year
- opportunity to contribute to 401(k) savings and investment plan or deferred compensation plan (if eligible) with an employer match of 100% on the first 3% of contributions for eligible employees