Red Team, Network/Mobile Application Penetration Tester

penetration testing, mobile application, cloud, nist, pci, hippa, cissp, cisa, gslc, network, db2, mysql, wireshark, kali, metasploit, nmap, qualys, nessus, burp suite, servicenow
Full Time
$120,000 - $135,000

Job Description

Red Team, Network/Mobile Application Penetration Tester

Salary: $120k-$135k + 15% Bonus

Location: Chicago, IL/ Dallas, TX

***We are unable to provide sponsorship for this role***

***Bonus Eligible***

 

A prestigious financial company is seeking a Red Teamer that will engage in targeted simulations consisting of threat intelligence gathering, network & application penetration testing, social engineering, physical security testing, mobile device testing, and more.

 

Qualifications

  • BS in Computer Science, Information Management, Information Security, or other comparable technical degree from an accredited college/university desired
  • Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired
  • 5+ years’ experience in an IT environment with 3+ years’ experience penetration testing
  • Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Social Engineering and Open-Source Intelligence, Basic Emissions Testing, Physical Security Testing, and more
  • Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS)
  • Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed
  • Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications
  • Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols
  • Must have direct practical experience with one or more high level programming language
  • Strong proficiency in network, application, emissions, and physical security
  • Strong proficiency in social engineering and intelligence gathering
  • Strong experience with custom scripting (python, powershell, bash, etc.)  and process automation
  • Strong experience with database security testing (MSSQL, DB2, MySQL, etc.)
  • Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Netsparker, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.)
  • Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls
  • Experience with dedicated document management tools (e.g., DMS, PolicyTech) a plus
  • Experience with using ServiceNow a plus.

 

Responsibilities

  • Conduct various Red Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Social Engineering, Basic Emissions/Signals Testing, Physical Security Testing, etc.
  • Execute Open-Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools.
  • Understand vulnerabilities and develop relevant exploits/payloads for use during Red Team activities.
  • Perform security risk assessment, threat analysis and threat modeling.
  • Perform independent reviews of security, network, and applications.
  • Plan/Design/Execute security related activities and create artifacts.
  • Assist management with the improvement of policies and procedures to support Security Testing and Red Team activities as well as other security duties which may arise.
  • Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends.
  • Consult with technical experts and system owners on all aspects of Information Security and Compliance.
  • Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture.
  • Supports and successfully completes Audits.
  • Cross-train the other Security Red Team members
  • Cross-train other teams within Security Services and IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations
  • Participate in “Lessons Learned” process to provide information to help improve practices, methodologies, tools, and other technologies
  • Participate on various technical committees and provide input and feedback to department
  • Stay current on emerging technology trends and the threat landscape
  • Advise IT on current and emerging threats, their attack vectors, and how to mitigate them
Dice Id : napil006
Position Id : 7345580
Originally Posted : 3 months ago
Have a Job? Post it

Similar Positions

Security Analyst- TAS- Remote (Anywhere in the U.S.)
  • GuidePoint Security
  • Dallas, TX, USA
Experienced Cybersecurity Penetration Tester (remote)
  • ConsultNet, LLC
  • Richardson, TX, USA
Senior Cybersecurity Penetration Tester (remote)
  • ConsultNet, LLC
  • Richardson, TX, USA
Penetration Testing / Security Operations Engineer
  • Request Technology, LLC
  • Dallas, TX, USA
Cybersecurity Red Team Specialist
  • GM Financial
  • Arlington, TX, USA
Mobile Application Security Engineer
  • Sensiple Inc.
  • Plano, TX, USA
DevOps Pen-Testing Security Engineer
  • Request Technology, LLC
  • Coppell, TX, USA
Mobile Automation Tester
  • Matlen Silver
  • Frisco, TX, USA
Cybersecurity Analyst - Pen Tester
  • Smart Synergies
  • Austin, TX, USA