$65000 - $90000
ProCircular is about relationships and trust. Our experts provide practical recommendations to proactively manage risk, meet regulatory commitments, and address the latest cyber threats.
People are at the center of our philosophy, and quality is the cornerstone. We build trust by being approachable, realistic, and unbiased. Each client’s unique goals guide our work, and every project produces a tangible result and a clear roadmap. We’re passionate about cybersecurity, serious about quality, and built around people.
Not only are we a cool company doing cool things, but we also really care about our employees and encourage an innovative and open environment, offering nice and even some unique benefits for our team members to take advantage of.
This position is responsible for performing various types of web application security testing for clients to identify and mitigate security issues. In addition, you will work with clients to propose security controls for long-term solutions across many different verticals but primarily focused.
Applicants must be able to perform each essential job function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability.
Essential Job Functions (include but are not limited to the following)
- Demonstrate the ability to perform the following activities:
- Gain a working and business level knowledge of ProCircular engagement toolset.
- Assist with and execute security assessments:
- Web application vulnerability assessments, smoke testing, and penetration testing.
- Familiarity with common reconnaissance, exploitation, and post exploitation frameworks.
- Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
- Ability to perform targeted penetration tests and exploitations without the use of automated tools.
- Assist in the development of tools to enhance current automation of service offerings.
- Perform research to identify new ways of achieving your mission.
- Create comprehensive after-action and client-facing deliverable reports.
- Provide accurate, complete, and timely written documentation for all project phases including ongoing status reports and deliverables detailing technical issues identified and their associated business risks.
- Establish & maintain rapport with client technical staff.
- Operate with integrity and accountability. Uphold the values of ProCircular and abide by the Company
The requirements listed below are representative of the knowledge, skills, and abilities required. Employees who do not possess the requirements for a job at the time of hire will not be considered for the position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Required Skills and Experience:
- Experience performing web application and mobile application vulnerability assessments and penetration testing.
- Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Familiarity with front-end web application frameworks (e.g., AngularJS, Bootstrap, etc.).
- Experience in testing web-based APIs (e.g., REST, SOAP, XML, JSON). Web application development or source code review experience.
- Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.
- Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities.
- Solid understanding of OWASP testing methodology.
- Develop and deliver walkthroughs, proofs of concept (PoCs), articles, and formal presentations.
- Capable of working effectively and efficiently with minimal supervision.
- Manage sensitive information, keeping client names and situations confidential.
- Experience working remotely.
- Must be self-motivated, goal- and detail-oriented.
- Flexible and adaptable to changing work environment.
- Ability to prioritize multiple tasks and manage time efficiently.
Desired Skills and Experience:
- Conduct assessments of web applications, mobile applications, databases, client-side applications and tools, and APIs.
- Analyze security findings and generate comprehensive reports, including detailed findings, exploitation procedures, and mitigations.
- Execute verification and validation testing for customer mitigations and fixes.
- Communicate in a positive manner with clients and escalate any issues and/or messages accordingly.
Education and Experience Requirements:
- Minimum of 1 year of experience in real-world penetration testing and client delivery.
- Solid references from co-workers and former employers.
- Previous relatable experience required.
The primary language of ProCircular is English. Excellent communication skills are required, defined as the ability to:
- Actively listen for total comprehension
- Ask questions that enhance the understanding of a certain topic
- Relay information and/or instruction in a descriptive and understandable fashion in both written and verbal format
- Strong written and verbal English language skills.
Reasoning Ability Requirements:
High-functioning reasoning abilities are necessary to meet deadlines, prioritize company and customer needs, and work in a high-functioning collaborative team environment.
Occasional lifting up to 20 lbs. may be necessary from time to time. Must be able to sit for long periods of time, view a computer monitor, and type frequently/constantly (up to 8 hours a day).
Valid driver’s license is required for frequent travel.
Exempt: This role is exempt which means it is excluded from minimum wage, overtime regulations, and other rights and protections afforded nonexempt employees.
Our normal hours of operation are from Monday through Friday, from 8:00 am to 5:00 pm.
Full-Time: Full-time employees are defined legally as working at least 30 hours per week; however, full-time positions at ProCircular require at least 40 hours. This position requires 40 hours worked within a regular workweek. Occasionally, time over 40 hours may be necessary to meet the requirements of the position. If performance expectations are met, employees may flex their schedules, subject to preapproval of their direct supervisor.
This position does not have supervisory responsibilities.
All teammates are evaluated at least annually on their performance based on the essential job functions in this job description, along with ProCircular’s Core Values:
It’s about people
- People define every part of our business. Growth potential is based on the abilities and personalities of the people Technology solutions are a part of the equation, but it’s the people in an organization that define its true security. We work hardest when we’re supporting one another. We take care of each other; we take care of our families, and in doing so we take better care of our customers.
Fear is the mind killer
- We don’t let fear define the need for our services and we don’t present a problem without discussing realistic response or mitigation There’s more than enough to worry about in life and plenty of people telling us to be afraid. We’re solutions people, not fear mongers.
Strong opinions lightly held
- Opinions are important—they coalesce facts, reason, experience, and judgment into actionable points of view. We present our opinions with logic and reason rather than emotions, offering several alternatives to each challenge and the supporting data. The rejection of an idea is not a rejection of the individual or their merit. Everyone has a voice and a chance to speak, regardless of title, station or
Quality over speed, speed over cost
- Every organization must consciously balance quality, speed, and We will always put the quality of our work first. We make great efforts to move quickly, but never at the expense of quality. While we strive to keep our services affordable, we never choose an inexpensive alternative that will adversely impact quality or speed.
Cool heads, warm hearts
- We keep a cool head and help others do the same, especially in a We approach adversity with patience, logic, and understanding. Mistakes happen; we don’t hide, ignore, condemn, or fear them. Mistakes are opportunities to exemplify honesty, accountability, professionalism, tolerance, and grace. Instead of pointing a finger, we use humor, empathy, and fun when it matters most.
- We treat each other how we hope to be treated. We don’t yell; we aren’t condescending, and we always try to understand the other person’s perspective, before reacting to it. We keep it light and we listen. We extend this principle to our customers, and we understand that talking down to them is the easiest way to send them to a
Tomorrow just happened
- Life is what happens when we’re busy making other plans. We work hard on today but we’re always thinking about the We take extra time to make sure we’re learning and looking ahead. No matter what your discipline or area of expertise, you’re adding your capabilities to the long-term plan for the organization and its clients.