Listing Description
If Pen Testing is your passion, if you love to do CTFs in your spare time (the 2nd step of our interview process!), if you dream about attending security conferences (e.g. BlackHat, ShmooCon, DefCon, etc.) or eagerly git clone the latest tools / frameworks to play with in your home lab, then you’re exactly who Schellman is looking for to join our team.
There is no typical day for our Pen Testers. Our clients rely on us to find a myriad of vulnerabilities across network, application, mobile, cloud, wireless and other assessments. The benefit of being exposed to so many different situations is that you are constantly building your knowledgebase and skillset while keeping up with the latest cloud technologies and endpoint protection. Our team is remote yet extremely collaborative and works together to utilize their different backgrounds and experience to solve these problems.
In addition to the hands-on training, Schellman also promotes a continuous learning environment. Team members are encouraged to attend at least one security conference and training event every year to stay on the cutting edge of the industry.
Responsibilities:
The primary responsibilities for this position will be leading network, application and mobile penetration testing, as well furthering team development and advancing the practice. Senior Penetration Testing Associates perform project execution and report preparation activities as the delivery lead on a particular engagement.
Requirements:
At least two years hands-on penetration testing experience
At least one year of web application penetration testing experience
Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking challenges – SANS Holiday Hack, HackerOne CTF, HackTheBox.eu, etc.)
Competency in common operating systems (e.g. Windows, macOS, Linux)
Proficiency with at least two scripting languages (e.g. Python, Bash, JavaScript, PowerShell)
An understanding of cloud computing models, technologies and concepts
Knowledge of PCI and FedRAMP programs
A passion for identifying and exploiting vulnerabilities
Demonstrated entrepreneurial abilities, client focus, industry savvy, and the ability to work independently or as part of a collaborative team
Advanced written and verbal communication skills
Strong analytical and interpersonal characteristics
Ability to work both independently and collaboratively
Demonstrated consistency in values, principles, and work ethic
Self-driven in a remote working environment, motivation to continuously improve your skillset
Preferred:
Degree in computer science or information technology
Certifications within Information Technology or Information Security
Schellman might not be as well-known, but we are well-liked. We’ve been recognized in the industry as one of the top Best Small Firms to Work for by Consulting Magazine and Top 10 for Comp and Benefits on Glassdoor, but more importantly, our employees have great things to say about working here: https://www.glassdoor.com/Reviews/Schellman-and-Company-Reviews-E666239.htm
Sound like a great fit? Join us in being truly unique in the world of compliance! We are open on location as this position is 85% remote. Unfortunately, at this time, we cannot consider candidates that require sponsorship (now or in the future), or are located outside of the US.
Schellman & Company, LLC. is an equal opportunity employer (EOE) and strongly supports diversity in the workplace.The primary responsibilities for this position will be leading network, application and mobile penetration testing, as well as furthering team development and advancing the practice. Senior Penetration Testers perform project execution and report preparation activities as the delivery lead on a particular engagement.
Listing Details
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: No Requirements
- Travel: Travel 25
- Telework: Full Telecommute