Lead Penetration Tester

Overview

Remote
Depends on Experience
Full Time

Skills

penetration
ethical hacking
OSCP
network
infrastructure
cloud infrastructure
cloud
kali
nmap
exploitdb
database testing
nessus
tenable
security
red team
red teaming
testing

Job Details

Lead Penetration Tester

Salary: Open + Bonus

Location: Remote in the following states

IL, TX, FL, GA, MA, MD, MN, NC, NJ, NY, WI, DC

Hybrid: 3 days onsite, 2 days remote

*This role is not open to sponsorship candidates*

Qualifications

  • Areas of expertise to include Network/Infrastructure Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open-Source Intelligence, etc.
  • 3+ Years experience of Penetration testing
  • 6+ Years experience in Information Assurance or Information Security environment.
  • Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing
  • Demonstrated exploit and vulnerability experience
  • Strong proficiency in intelligence gathering.
  • Strong experience with custom scripting (Python, PowerShell, Bash, etc.) and process automation.
  • Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).
  • Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.)
  • Bachelor s degree (preferred)
  • Certifications (preferred)

Responsibilities

  • Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc.
  • Conduct ad-hoc white-box penetration testing work of company infrastructure that is still currently in Development, or in need of pre-Production penetration testing
  • Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings
  • Execute Open-Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools.
  • Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities.
  • Verify vulnerability false positives
  • Perform security risk assessment, threat analysis and threat modeling.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.