Posted over 4 years ago
PENETRATION TESTER
Technology Brookfield, WI Remote, United States
Description
Essential Job Duties:
- Penetration testing (ethical hacking) applications & network environments.
- Author testing plans and penetration test reports.
- Perform reconnaissance & network surveys to map targets.
- Research tools & security exploits, blogging about new security finds.
- Consult on high-level strategic initiatives, highly-technical & detailed regulatory compliance projects.
- Gain proficiency in the following:
- Web applications & services.
- Firewall, IPsec & SSL VPNs, IDS/IPS, WLANs.
- Database functions, interactions, and communications.
- Commercial & open source security tools (e.g., Nessus, Nmap, Netcat, , Metasploit, Burp Suite, Bloodhound, Empire, Wireshark, hypervisors, run-live distros, etc.).
- Scripting (Python, PowerShell, JavaScript, Bash) & application development.
- Keep up-to-date with tools, countermeasures, threats, & technologies.
- Share knowledge & mentor new team members & peers.
- Develop & refine tools, templates, & methodologies.
- Interpret vulnerabilities, identify weaknesses, exploit them, & escalate your access.
- Assist with malware analysis & breach investigations.
Qualifications:
- Previous consulting or penetration testing experience a plus, however, we welcome a passionate IT security hobbyist looking to change their career.
- Experience managing networks & systems for both Windows & Unix platforms.
- Know general information security principles.
- Coding & scripting experience required (Python and Bash).
- Experience exploiting security holes & fixing them (on your own systems and/or capture the flag and similar environments).
- Experience with incident response or digital forensics a plus.
- Ability to communicate with C-level, technical, & non-technical audiences.
- Certifications in security & IT certifications (CISSP, GIAC, CISA), technical certifications (MCSE, CCNA, etc.), or related industry certifications (QSA, PA-QSA) preferred.
- Payment card industry (PCI DSS, PA-DSS, P2PE, PFI), financial (GLBA, SOX, SOC/SSAE 18), or healthcare (HIPAA/HITECH) experience preferred.
- Membership in a professional industry group (InfraGard, OWASP, etc.) preferred.
- Fluency in Spanish desired.
Life at Sikich LLP
Sikich LLP is an Equal Opportunity Employer M/F/D/V