Job Description

Hello,

Title: Penetration Tester

Location: REMOTE

USC or GC ONLY

• Can be remote, no need to be near headquarters
• The roles we need to be able to convert to FTE before year end.

Position Overview

As a senior member of the enterprise penetration testing team, this role will be responsible for conducting application and infrastructure penetration tests and red teaming engagements to help strengthen the security of our perimeter and internal-facing assets.

Key Responsibilities

• Conduct advanced penetration tests on web applications, mobile applications, network infrastructure, and cloud environments.
• Perform regular risk-based and intelligence-led penetration tests on public-facing and perimeter assets.
• Collaborate with SOC, VM and other stakeholder teams to uncover and verify security weaknesses.
• Develop, plan and execute detailed Red Teaming engagements.
• Assist in scoping, executing and peer reviewing prospective change and operational assurance penetration testing engagements
• Understand and safely use various penetration testing tools and when appropriate, emulating hacker tactics, techniques, procedures
• Participate and contribute on risk assessment and threat modeling sessions to support security initiatives.
• Develop scripts, tools, or methodologies to enhance CVS's penetration testing processes
• Develop comprehensive and accurate reports and presentations for various consumers of penetration testing results.
• Keep up with the latest cybersecurity threats, vulnerabilities and trends.
• Mentor and train junior team members and share knowledge and best practices.

Required Qualifications

• Relevant certifications such as OSCP, OSCE, OSWE, GIAC, GPEN or equivalent is highly desired
• At least 5-7 years of experience in penetration testing and red teaming.
• Advanced knowledge of penetration testing methodologies, tools, and frameworks such as Kali, Metasploit, Burp, Frida and others.
• Experience with cloud environments (GCP, Azure, AWS), web and mobile applications.
• In-depth understanding of network protocols, operating systems and application technologies.
• Strong knowledge of tools used for wireless, web application, and network security testing
• Thorough understanding of network protocols, data on the wire, and covert channels
• Solid understanding of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
• Demonstrated ability to work independently or as part of a team.
• Shell scripting or automation of simple tasks using Perl, Python, or Ruby
• Bachelor's degree in computer science, information security, or a related field

.

Preferred Qualifications

• Offensive security certifications highly desired
• Ability to successfully interface with internal stakeholders
• Strong understanding of enterprise architecture and technologies.
• Good understanding of methods to secure microservices and APIs
• Strong understanding of networking, systems, and storage concepts, in Cloud environments (AWS,Azure, GCP preferred)
• Knowledge of programming languages/ scripting tools including Python, Shell scripts
• Team player comfortable working in a dynamic environment
• Security and operations background is required
• Self-starter and capable individual contributor
• Ability to document and explain technical details in a concise, understandable manner
• Ability to manage and balance own time among multiple tasks, and help junior staff when required

Education

Bachelor's degree in computer science, information technology, cybersecurity, or a related field (Master's degree is preferred).

Job Tags

Similar Jobs