Intrusion Tester

Job titleIntrusion Tester / Penetration TesterDepartmentEthical Hacking ServicesReports toDirector of Ethical Hacking

Summary

Intrusion testers are part of the security testing services team and performs various types of security tests for clients. Tests may include wireless network assessments, web application testing, internal network assessments, external network assessments, phishing exercises, red team assessments, physical security assessments, code review, mobile application assessments, embedded device assessments and other types of security tests.

The goal of the ethical hacking team is to identify and demonstrate security issues, demonstrate Impact by going beyond obtaining administration privileges, and communicating those elements to the customer to help them enhance their security posture.

This position focuses on intrusion tests and is not a simple vulnerability assessment role. Engagements will allow testers to challenge their problem solving abilities in a variety of environments ranging from small factories to international financial institutions or nationwide SCADA systems.

Duties and responsibilities

Perform security test, in accordance to our methodologyReport the technical findings in a report. Tester may have to present the report to clients with varying level of technical knowledgeAct as an advisor to the clientAnswers clients' inquiries via phone or email in a professional and timely mannerStay up-to-date on information technology trends, security standards and IT security newsOther duties as requiredDevelop and improve tools, scripts and internal testing methodologies. Qualifications

Required

2 years of relevant experience.Bachelor's degree in related field and/or equivalent education/experience.Knowledge of common pentesting methodologies (PTES, OSTMM), vulnerability scoring framework (CVSS, DREAD) and OWASP Top 10Hold the OSCP certification or a more advanced certificationAbility to perform common types of intrusion testing engagements (internal network testing, external network testing, web application testing, mobile application testing, etc.)Eligible for Secret Clearance and no criminal records.Ability to communicate and simplify security concepts and vulnerabilities in a written and oral formatExcellent ability to multitask and meet deadlinesCuriosity and desire to stay up to date on security vulnerabilitiesAbility to travel up to 20% Desirable QualitiesEnergetic and positive attitudeGood capacity to evaluate and explain business impact of vulnerabilitiesAbility to teach to and lead less experiences resourcesKnowledge of programming and/or scripting languagesReverse Engineering experience

---