Listing Description
• Perform hands-on application security penetration testing
• Work with developers, vendors, engineers, and others to design solutions that support incident response and monitoring functions.
• Design and improve security testing processes; create security testing plans and test cases.
• Develop templates to be used for a continuous pen testing solution.
• Bring in additional contract pen testers as needed.
• Assist in scoping, time lining projects, and developing reports for management on key trends and risk areas3-5 years’ experience working in security, with at least two years conducting penetration testing or similar risk assessments.
Experience with defensive technology such as NG Firewalls, EDR solutions, and SIEMs.
Understanding of security vulnerabilities and attacks (hardware, firmware, software, network, and people), and the ability to understand new ones based on new technology being developed.
Familiarity with the MITRE ATT&CK threat model to quantify security risks.
Understanding of security principles, IT security controls and OWASP top 10 Mobile and Web application vulnerabilities.
Skilled in performing packet-level network traffic analysis using appropriate tools.
Ability to work independently, but also communicate with a geographically diverse team.
Industry certifications such as GREM, GCFA, GCFE, CEH, GREM, GCFA, GCFE, OSCP, CPT, CEPT, GPEN, etc are desirable.
Scripting or API development experience with Python desirable.
Good written and verbal communications skills.
Work in one of our many office locations; preferred locations: Louisville, KY or Washington, DC
Listing Details
- Salary: $130000 - $150000
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: No Requirements
- Travel: No Travel
- Telework: No Telecommute