Penetration Tester

Client is seeking a Sr. Spec, Info Sec (Pen Tester) with a Westlake Village, CA-based client to join their team

JOB TITLE: Sr Spec, Info Sec (Pen Tester)

EMPLOYMENT TYPE: CTH 12 month Contract to hire (MUST BE ABLE TO CONVERT)

LOCATION DETAILS: Onsite at the office in Westlake Village CA

Responsibilities:

• You'll leverage your expertise to conduct in-depth penetration tests on web applications and AWS infrastructure, uncovering vulnerabilities and weaknesses. You'll also play a key role in driving the remediation process, collaborating and educating teams to ensure timely and effective resolution of identified security issues.
• Proactive Security Assessments - Conduct comprehensive security assessments using a combination of manual and automated techniques to uncover vulnerabilities and potential attack vectors across enterprise assets.
• Actionable Remediation Guidance - Deliver clear and concise written and verbal guidance for mitigation and remediation activities, empowering teams to address security weaknesses effectively.
• Threat-Informed Vulnerability Management: Proactively identify and prioritize critical vulnerabilities, incorporating threat intelligence to assess potential exploitability and ensure remediation efforts align with the evolving threat landscape.
• Technical Consultation - Assist technical leaders in application and network design or updates, offering insights to enhance security posture.
• Vendor Oversight - Provide expert technical guidance, establish rules of engagement, and oversee third-party penetration testing services to maintain consistent security standards.
• Automation & Efficiency - Champion the adoption of automated tools for continuous security assessments, strengthening technology value streams, and optimizing efficiency.
• Cross-Functional Collaboration - Partner with teams across the organization to conduct threat modeling and security assessments for new applications and features, ensuring security is integrated from the outset.
• Be ready to tackle new challenges and opportunities as they arise

Qualifications:

TECHNICAL SKILLS:

• 2 Year college degree (Associate) or equivalent work experience
• 3+ years minimum Years of experience
• Strong grasp of AWS architecture, engineering principles, and security best practices.
• Experience in conducting vulnerability assessments, implementing remediation strategies, and driving continuous improvement.
• Deep understanding of security assessment tools and techniques, demonstrating the ability to identify and analyze vulnerabilities effectively.
• Proven ability to perform threat modeling and uncover risks that may evade automated detection tools.
• Comfortable reading and reviewing code in various languages, identifying potential security vulnerabilities and weaknesses.
• A strong understanding of ethical hacking principles and a commitment to responsible disclosure.
• Relevant certifications such as OSCP, CEH, GPEN, or others, demonstrating a commitment to professional development.