Penetration Tester - remote - A Greater Source

    About this role

  • Location

    Remote working - USA

  • Salary

    USD100000 - USD140000 per annum + Benefits

  • Type

    Contingency

  • Division

    Cyber Security Jobs

  • Reference

    BBBH7651_1562867752

  • Start date

    ASAP

  • Managing this role

Description

Penetration Tester

We have a tremendous remote opportunity for a Penetration Tester to join a growing team. This hands-on role would involve performing external, internal, and social engineering engagements for our clients.

A qualified candidate will have a passion for offensive security with the ultimate objective of strengthening our clients’ security posture. This role will require the candidate to continually learn, adapt, and advance their tradecraft to remain effective on engagements.

An ideal candidate will have an understanding of, and experience in, most of the phases of a penetration test. These phases include reconnaissance, vulnerability identification, exploitation, privilege escalation, lateral movement, persistence, clean up, and reporting.

Responsibilities include:

  • Identify client objectives and plan accordingly
  • Perform pre-engagement tasks such as:
    • select/prepare tools
    • build pretexts, payloads, and delivery mechanisms
    • prepare support infrastructure
    • purchase domain name(s)
  • Execute phases of testing based on type of engagement, which may include reconnaissance, vulnerability identification, exploitation, privilege escalation, lateral movement, persistence, clean up, and reporting
  • Document progression and findings of testing such as methodologies, vulnerabilities, misconfigurations, etc. to later be compiled into a report
  • When applicable, review vulnerability scans, and then provide feedback to client and/or internal team
  • Interact with client pre-/post-engagement as well as during the engagement if needed
  • Have the defensive knowledge to make recommendations that remediate the vulnerabilities and misconfigurations exploited during test. Understanding of a defense-in-depth strategy and best practices is a must
  • Phishing
  • Web App Testing
  • Tool and/or payload obfuscation for evasion
  • Cobalt Strike, Empire, Metasploit, Burp

Experience required:

  • 2+ years’ experience in penetration testing
  • Hands-on experience with Powershell, Python, C# a plus
  • Strong time management
  • Ability to work independently
  • Strong technical knowledge with a comfort level working on a wide variety of technologies and implementations
  • Experience engaging clientele in consulting-related environments
  • Strong understanding of security principles, policies, and industry best practices
  • Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), and National Institute of Standards and Technology (NIST) Special Publications
  • Applicable certifications: OSCP/E, GWAPT, GPEN, GXPN, and eLearnSecurity

Best of all, you’ll get an opportunity to work with great people, great clients, and make a difference.

Location: Remote (no client travel)

Salary: $100k – $140k = benefits

Apply Back to search
Upload your CV/resume or any other relevant file. Max. file size: 1 MB.
Don’t have access to your CV? Apply with your LinkedIn profile.
I consent to storing and processing my personal data as outlined on the 'How A Greater Source manages and uses your personal data' page.