CURRENT JOB SELECTION

Remote Cyber Assessor & Penetration Tester

  Texas, Dallas-Fort Worth-Arlington

  IT/Computing

#3190
   Job Order
Posted Date
Tuesday, August 20, 2019

Cyber Assessor & Penetration Tester
Dallas, Texas - Remote option
1 year + Consulting engagement

IMMEDIATE NEW job opening for a Cyber Assessor to join our team and work on-site at our client's global HQ's based in Dallas, Texas. Remote work is an option for the right candidate. As the Senior Lead Cyber Assessor Penetration Tester, you will be executing penetration, vulnerability, and security assessments across a variety COTS and custom applications and platforms.
The scope of your work will include performing security penetration testing in various environments, simulating real-world cyber-attack scenarios against technologies, and conducting a security red team exercise. You will provide actionable recommendations and mentorship for clients based on your assessment findings.

Responsibilities:
o Provide actionable recommendations and guidance for clients based on the assessment findings.
o Learn and execute on any client requests and form positive partnerships with customer staff in structured and unstructured situations.
o Present the results of penetration tests to client partners to include senior or executive leadership.
o Use your solid grasp and deep understanding in Information Technology and security vulnerabilities to simulate threat modeling and attack scenarios.
o Utilize your experience ranking vulnerabilities based on context and possible impact.
o We are seeking problem solvers who are passionate about growing market share in a dynamic industry and who love to combine their analytical skills with business insight. We believe success in this role will demonstrate itself through the following attributes and skills:
o Motivated Self-Starter with "Can do" attitude that takes initiative and has the ability to spin up quickly on technologies, challenging opportunities, topics, and advances in the cyber security field that require ongoing learning and self-training
o Experience with multiple Information Security domains: Cyber Architecture, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Database and Platform Security, Identity and Access Management, Policy and Governance, Cloud Security, RFID, BLE, Encryption, Penetration Testing, Vulnerability Scanning and Management, and Compliance and Risk Management
o Deep understanding of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat
o Solid grasp of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
o Previous experience with penetration testing processes, tools, and technologies and extensive knowledge of standard methodologies regarding their implementation
o Deep understanding of global regulatory and legislative cyber security and privacy requirements like HIPAA, GDPR, SOX, PCI, etc.
o Previous experience working with the Kill Chain, Diamond Model of Intrusion, and similar frameworks and concepts
o Knowledge of industry research and standard methodologies in penetration testing and red teaming
o Solid skills in various operating systems and enterprise platforms to include: Windows, Linux/Unix, Mac OS, iOS, Android, Active Directory, .Net framework, Oracle business products, SAP, etc.
o Previous experience with tools such as Qualys, Rapid7, Checkmarx, Burp Suite, Black Duck and SD Elements
o An aptitude for effectively addressing any issue in collaboration with others

Required Skills:
o 5 years' experience within IT with at least 2 focused on penetration testing
o Experience with execution of a variety of penetration testing assessments and vulnerability assessments to include network penetration testing, web application penetration testing, RF and RFID, Bluetooth, Zigbee, mobile device penetration testing, IoT testing as well as physical and social engineering exercises
o Experience with typical scripting and programming languages - to include PowerShell, Python, VBA, JavaScript, C++, SQL, etc.
o Experience developing vulnerability reports with detailed finding descriptions, test case reproduction steps, and prioritized recommendations
o Cyber security certifications such as CISSP, CEH, GCIA, OSCP & OSCE
o Ability to travel up to 25%
o It would be helpful in this position for you to demonstrate the following capabilities and distinctions:
o BA/BS Bachelor's Degree
o Consulting experience (internal or external)
o Prior experience working on a security Red Team or other technical security assessment team
o Prior experience leading a successful penetration testing program for a large organization
o Prior experience conducting social engineering and client-side threats
o Strong Kali Linux platform knowledge and skill working with standard penetration testing tools for discovery, vulnerability assessments, exploitation, post exploitation and social engineering

**To view all of our open positions, please visit: http://www.alleareconsulting.com/job-openings.

Share