Lead Penetration Tester

Overview

Remote
On Site
Full Time
Accepts corp to corp applications
Contract - W2
Contract - (1) week

Skills

OSCP
GPEN

Job Details

About this Position:

Job Title: Lead Penetration Tester

SCOPE OF TECHNICAL ENVIRONMENT:
Internal Testing: A machine and a set of working access credentials will be provided by University.
External Testing: Shall include vulnerability scans of externally facing IPs and focused exploits based on discovered weaknesses.
Exclusions: Social engineering, web application testing, and wireless network testing are considered out-of-scope penetration testing menu items.

REQUIRED DELIVERABLES & REPORTING:
Comprehensive Report: Including an Executive Summary for management and a Technical Report for IT staff.
Documentation: Proof-of-concept evidence, risk ratings, and prioritized recommendations mapped to industry frameworks like NIST or PTES.
Mandatory Retesting: The proposal must include one (1) remediation retest to be performed within 90 days of the final report to verify the effectiveness of fixes for all "Critical" and "High" findings.
Presentation: A formal presentation of findings to IACS and the CISO is required upon completion.

REQUIREMENTS:

  • Lead tester hold the OSCP, GPEN, or an equivalent technical certification.
  • Testing methodology follow PTES, NIST SP 800-115, or equivalent standards.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.