Full Job Description
POSITION TITLE: Penetration Tester
LOCATION: Fort Mill, SC, Carrollton TX – Primarily Remote
Job Description
Individuals within the Information Security Office plan, execute, and manage multi-faceted projects related to cyber security to detect, prevent and respond to threats that is affecting the company. Individual should have a mindset of a defender and should be able to operate in a fast-paced environment working closely with our support teams which includes Network, Firewall, Server and Application development teams. These professionals work directly with the customers, third parties and other internal departments and organizations to facilitate information security management processes and to identify vulnerable areas. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.
PRIMARY DUTIES AND RESPONSIBILITIES:
- Be able to handle the most dynamic and challenging scenarios encountered by the program and assist other analysts by providing direction and guidance when necessary.
- Perform Vulnerability Metrics Reporting for Ad-hoc and scheduled metrics report for various KPIs around vulnerability management activities
- Perform in-depth analysis of red team engagements results and provide a detail report that describes findings, exploitation procedures, risks and recommendations.
- Responsible to identify and exploit security vulnerabilities in a wide array of solutions in a variety of situations.
- Execute penetration testing projects using the established methodology, tools and rules of engagements.
- Design security test cases with the intent to exploit security-protected applications
- Respond to questions from stakeholders about security assessment reports.
- Collaborate with support groups/stakeholders on details about identified vulnerabilities.
- Make recommendations on how we can improve application and network security assessment processes (Security tools, automation, delivery)
- Analyze business policies for effectiveness, make suggestions on security policy improvements, and enhance security testing methodology material.
- Stay up to date on latest vulnerabilities and potential impact to our environment, as new vulnerabilities are released, must stay on top of information related to them and how they may impact us.
- Testing application code level vulnerabilities using penetration testing methodologies
- Maintain day-to-day relationship with security and services partners
- Develop security solutions for critical and/or highly complex assignments.
- Develop remediation strategies and risk responses associated with the protection of infrastructure and information assets.
- Ability to work independently taking initiative and as part of a team participating in a collaborate effort for a common goal.
- Mentors less-experienced team members.
EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
- Professional IT or IT Security experience or equivalent cyber security training.
- Training or experience in leading the response to cyber security incidents
- Working knowledge of MacOS or Windows
- In-depth training in two or more of the following areas: Digital Forensics, detection creation, threat hunting, Reverse engineering.
- Trained in responding to multiple, large scale incident
- Trained in responding to cyber security incidents in public cloud environment
- Demonstrated ability to mentor junior analyst
- Experience documenting and creating playbooks for repetitive tasks.
- Experience creating and validating department-wide processes.
- Experience functioning as a team lead or technical lead
- Ability to multitask, prioritize, and take-charge during stressful situations
- Ability to effectively communicate highly technical information to a non-technical audience
- Good interpersonal skills and ability to see things through the customer’s eyes
- Participation in on-call rotation to respond to off-hours/weekend incidents
- Eligibility to work in the United States.
Job Types: Full-time, Contract
Schedule:
- Monday to Friday
Training:
- Linux: 1 year (Preferred)
- Information Security: 1 year (Preferred)
Work Location:
- One location
Work Remotely:
- Temporarily due to COVID-19
POSITION TITLE: Penetration Tester
LOCATION: Fort Mill, SC, Carrollton TX – Primarily Remote
Job Description
Individuals within the Information Security Office plan, execute, and manage multi-faceted projects related to cyber security to detect, prevent and respond to threats that is affecting the company. Individual should have a mindset of a defender and should be able to operate in a fast-paced environment working closely with our support teams which includes Network, Firewall, Server and Application development teams. These professionals work directly with the customers, third parties and other internal departments and organizations to facilitate information security management processes and to identify vulnerable areas. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.
PRIMARY DUTIES AND RESPONSIBILITIES:
- Be able to handle the most dynamic and challenging scenarios encountered by the program and assist other analysts by providing direction and guidance when necessary.
- Perform Vulnerability Metrics Reporting for Ad-hoc and scheduled metrics report for various KPIs around vulnerability management activities
- Perform in-depth analysis of red team engagements results and provide a detail report that describes findings, exploitation procedures, risks and recommendations.
- Responsible to identify and exploit security vulnerabilities in a wide array of solutions in a variety of situations.
- Execute penetration testing projects using the established methodology, tools and rules of engagements.
- Design security test cases with the intent to exploit security-protected applications
- Respond to questions from stakeholders about security assessment reports.
- Collaborate with support groups/stakeholders on details about identified vulnerabilities.
- Make recommendations on how we can improve application and network security assessment processes (Security tools, automation, delivery)
- Analyze business policies for effectiveness, make suggestions on security policy improvements, and enhance security testing methodology material.
- Stay up to date on latest vulnerabilities and potential impact to our environment, as new vulnerabilities are released, must stay on top of information related to them and how they may impact us.
- Testing application code level vulnerabilities using penetration testing methodologies
- Maintain day-to-day relationship with security and services partners
- Develop security solutions for critical and/or highly complex assignments.
- Develop remediation strategies and risk responses associated with the protection of infrastructure and information assets.
- Ability to work independently taking initiative and as part of a team participating in a collaborate effort for a common goal.
- Mentors less-experienced team members.
EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
- Professional IT or IT Security experience or equivalent cyber security training.
- Training or experience in leading the response to cyber security incidents
- Working knowledge of MacOS or Windows
- In-depth training in two or more of the following areas: Digital Forensics, detection creation, threat hunting, Reverse engineering.
- Trained in responding to multiple, large scale incident
- Trained in responding to cyber security incidents in public cloud environment
- Demonstrated ability to mentor junior analyst
- Experience documenting and creating playbooks for repetitive tasks.
- Experience creating and validating department-wide processes.
- Experience functioning as a team lead or technical lead
- Ability to multitask, prioritize, and take-charge during stressful situations
- Ability to effectively communicate highly technical information to a non-technical audience
- Good interpersonal skills and ability to see things through the customer’s eyes
- Participation in on-call rotation to respond to off-hours/weekend incidents
- Eligibility to work in the United States.
Job Types: Full-time, Contract
Schedule:
- Monday to Friday
Training:
- Linux: 1 year (Preferred)
- Information Security: 1 year (Preferred)
Work Location:
- One location
Work Remotely:
- Temporarily due to COVID-19
To apply for this job email your details to recruit@cysecon.com
