InfoSec Engineer (Penetration Tester)

Join Our Team in Agoura Hills, CA

Talent Space is offering an exciting opportunity for a skilled professional to join our Information Security team on a Contract-to-Hire basis. This role is based 100% onsite in Agoura Hills, CA, with a high likelihood of conversion to a full-time position at the end of the consulting period. Enjoy the beautiful surroundings of Agoura Hills while contributing to our mission of safeguarding digital assets.

Responsibilities

We are seeking a proactive individual to identify and mitigate security risks across our digital landscape. Your expertise will be crucial in conducting in-depth penetration tests on web applications and AWS infrastructure, uncovering vulnerabilities and weaknesses. You'll also play a key role in driving the remediation process, collaborating and educating teams to ensure timely and effective resolution of identified security issues.

• Proactive Security Assessments: Conduct comprehensive security assessments using both manual and automated techniques to uncover vulnerabilities and potential attack vectors across enterprise assets.
• Actionable Remediation Guidance: Deliver clear and concise written and verbal guidance for mitigation and remediation activities, empowering teams to address security weaknesses effectively.
• Threat-Informed Vulnerability Management: Proactively identify and prioritize critical vulnerabilities, incorporating threat intelligence to assess potential exploitability and ensure remediation efforts align with the evolving threat landscape.
• Technical Consultation: Assist technical leaders in application and network design or updates, offering insights to enhance security posture.
• Vendor Oversight: Provide expert technical guidance, establish rules of engagement, and oversee third-party penetration testing services to maintain consistent security standards.
• Automation & Efficiency: Champion the adoption of automated tools for continuous security assessments, strengthening technology value streams, and optimizing efficiency.
• Cross-Functional Collaboration: Partner with teams across the organization to conduct threat modeling and security assessments for new applications and features, ensuring security is integrated from the outset.

Qualifications

We are looking for candidates with solid penetration testing experience and a background in either red or blue team operations. The ideal candidate will have:

• A 2-year college degree (Associate) or equivalent work experience.
• Minimum of 3 years of relevant experience.
• Strong grasp of AWS architecture, engineering principles, and security best practices.
• Experience in conducting vulnerability assessments, implementing remediation strategies, and driving continuous improvement.
• Deep understanding of security assessment tools and techniques, demonstrating the ability to identify and analyze vulnerabilities effectively.
• Proven ability to perform threat modeling and uncover risks that may evade automated detection tools.
• Comfortable reading and reviewing code in various languages, identifying potential security vulnerabilities and weaknesses.
• A strong understanding of ethical hacking principles and a commitment to responsible disclosure.
• Relevant certifications such as OSCP, CEH, or GPEN, demonstrating a commitment to professional development.

We value individuals who are comfortable stepping outside their comfort zones and tackling complex security challenges head-on. Strong collaboration and communication skills are essential, along with the ability to work independently. If you find satisfaction in meticulously reviewing and documenting findings, ensuring clear communication and contributing to a shared knowledge base, we want to hear from you.