Penetration Tester (Part Time & Remote)

About The Position

Requirements

• Minimum of 5 years of experience in penetration testing
• Understanding of OWASP Top 10 and “industry best practices” for penetration testing
• Understanding of all aspects of Penetration Testing with an emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review
• Understanding of Pen Test methods such as Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Penetration Testing Execution Standard (PTES), FedRAMP Penetration Test Guide, NIST, etc.
• Proficient with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
• Solid understanding of manual scripting and scripting languages- ex. Python, Bash, PowerShell, C/C++, etc.
• Proficient with using commercial and open source penetration testing tools – ex. Metasploit, Nikto, SQLMAP, Responder, Nessus, Netcat, Burp Suite, etc.
• Proven ability to perform computer network vulnerability assessment and penetration testing
• Understanding of risk planning and mitigation strategies
• Ability to prepare and present documents and briefing materials
• Advise on new threats to the technologies and environment and provide mitigation steps when applicable
• Exceptional communication skills - both orally and written
• Strong customer service skills
• Strong organizational and time-management skills with the ability to handle multiple tasks at once, while still paying attention to detail
• A strong work ethic and self-starter attitude, with the ability to thrive in a fast-paced environment
• Bachelor’s degree in a related field or equivalent work experience and advance

Nice To Haves

• Desired certifications – Security+, CEH, GPEN, OSCP, AWS, or equivalent

Responsibilities

• Conduct complete penetration tests, report on results, and provide improvement recommendations
• Ensure customer satisfaction through the delivery of high-quality consulting services across a portfolio of commercial and federal government projects
• Ability to elicit and understand customer requirements and covert those requirements into a technical services solution
• Ability to accurately estimate time and cost for each project
• Foster an environment of continuous learning, innovation and excellence
• Work closely with development teams, product managers, and customer success teams to ensure successful delivery of consulting services or product implementation projects and remove roadblocks
• Develop, review and approve formal statements of work, change requests, and proposals
• Formulate timely reports and documentation to track progress
• Effectively collaborate with peers and company leadership to accomplish team, corporate and client objectives
• Answer developer, designer, and content contributor questions about IT Security requirements.
• Conduct and document vulnerability scans and penetration testing on web-based applications and their underlying hosts
• Provide security guidance on design, deployment, and architecture of web-based and cloud hosted applications.
• Participate in technical discussions and collaborate with team members

Benefits

• TestPros is an equal-opportunity employer and does not discriminate in employment based on race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or any other non-merit factor.