Penetration Tester

About The Position

Requirements

• 4+ years’ experience with infrastructure architecture and administration.
• 2+ years’ experience in security and compliance related work.
• Bachelor’s degree in Information Technology or related field required or equivalent experience.
• Interest in learning new skills and keeping pace with changing technologies.
• Ability to problem solve and work with others to find the best solution.
• A commitment to providing our customers with 100% satisfaction.
• Developed initiative, judgment, and time management skills.
• Precision in your work and attention to all details.
• Strong interpersonal and written communication skills.
• Capability to work independently and self-motivate.
• A commitment to providing our customers with 100% satisfaction.
• Ability and drive for continued learning.

Nice To Haves

• 2+ years of experience in DR or business continuity related work are considered a plus.
• Familiarity with compliance and regulatory requirements such as HIPAA, PCI, CJIS, CMMC, GDPR, and/or CCPA is a plus.
• OSCP certification preferred.
• Technical certifications such as CISSP, CEH, etc. are considered a plus.

Responsibilities

• Conduct infrastructure focused penetration testing on the internal and external attack surfaces for organizations.
• Gain access to restricted systems and perform lateral movement and create persistent access.
• Conduct social engineering engagements to test the human weakness.
• Coordinate email phishing campaigns and perform social engineering attacks to gain credentials.
• Conduct web-based penetration testing on public-facing Applications and APIs.
• Search for known weak configurations to escalate privilege or gain remote access.
• Conduct device level penetration testing on wireless systems and IoT devices.
• Reverse engineer firmware to find unintended methods of access.
• Create and deliver a complete report of testing, including methodology, resources and mitigation paths.
• Explain paths of attack taken during engagement and provide clear methods of mitigation to customers.
• Design and implement new attack tools to aid during engagements.
• Conducts vulnerability management for customers, including remediation, validation, escalation, and reporting.
• Coordinate communication with internal, customer, and vendor resources and facilitate escalations of issues as appropriate.
• Learn (and share) new skills through independent research, formal training, and industry events.
• Troubleshoot difficult problems and recommends appropriate actions.
• Works beyond routine nature of tasks utilizing specialized knowledge and technology.
• Thorough oral and written communication skills.
• Rotational 24 x 7 on-call support with occasional travel required.
• Perform other job-related duties as required.

Benefits

• Medical, Telehealth, Dental and Vision
• 401(k)
• Health Savings Accounts (HSA) and Flexible Spending Accounts (FSA)
• Life and AD&D
• Short Term and Long-Term disability
• Flex Paid Time Off (PTO)
• Leave of Absence
• Employee Assistance Program
• Wellness Program
• Rewards and Recognition Program
• Benefits are subject to change at the Company's discretion.