Portland Metro Area,
Post Date: 08/03/2017
Job ID: JN -062017-5032
Industry: Security - IT
Evo is looking for an Expert Penetration Tester for our Beaverton Client. The Expert Penetration Tester is part of the Attack Surface Management (ASM) organization and participates in the attack surface reduction of global computing assets. The Expert Penetration Tester is responsible for security testing of technology, coordination with stakeholders regarding their findings and completion of day to day tasks associated with penetration test program.
SKILLS and REQUIREMENTS:
- Escalation point for technical guidance on vulnerabilities identified by other testers
- Conduct scoping/kick off meetings with business stakeholders
- Lead network, web application, mobile, web service and hardware penetration testing within the designated scope and rules of engagement
- Perform stakeholder meetings to review security vulnerabilities across a variety of technologies and associated remediation activity
- Work with business representatives to ensure remediation efforts adhere to corporate standards and policies
- Provides expert analysis of remediation actions for both point in time and post event analysis
- Coordinate remediation of high visibility, critical vulnerabilities in conjunction with CIS cross functional resources
- Ensure penetration testing coverage is configured with the appropriate asset scope and is regularly updated for testing activities of both corporate and cloud environments
- Mentor Tester and Sr. Tester team members on latest penetration testing techniques
- Work cross functionally across all ASM teams to identify common themes and develop technical remediation recommendations to reduce the attack surface, both internal and external to corporate information security
- Identify and create automation of penetration testing program to improve program operation, data analysis and metrics
- Bachelor's degree in Computer Science, Cyber Security, or related discipline or equivalent experience
- One or more relevant technical security certifications (CISSP, OSCP)
- 8+ years of professional experience
- Minimum 5 years professional experience in Information Security
- Minimum 2 years professional experience in Penetration Testing
- Advanced understanding of a variety of technical concepts such as: networking, systems administration, application development, application security, viruses/malware behavior, and penetration testing
- Expert level knowledge in one or more penetration testing specialties such as network or web application
- Ability to automate data extraction and multi-system orchestration via REST API integrations through the use of languages such as Python, Perl or Ruby
- Experience with business and/or data analytics with the ability to provide qualitative analysis and recommendations
- Superior verbal and written communication skills
- Strong organizational and/or project management skills
- Ability to develop strong working relationships with a variety of other enabling teams
- Strong attention to detail, data accuracy and data analysis
- Self-motivated and operates with a high sense of urgency and a high level of integrity
- Demonstrated technical experience with:
- Windows Servers, Desktops, Laptops
- UNIX Servers (Solaris, Red Hat Enterprise)
- Network Switching and Routing (Cisco, Juniper)
- Experience with penetration testing solutions such as Burp, IDA Pro, WinDbg, Metasploit, ADB, Nexpose, WhiteHat, Fortify, Veracode, AppSpider
- Familiarity of TCP/IP and associated protocols
Not a fit for you, but know someone that might be? Refer them! We have a great referral program where you can earn up to $375 per referral. Find out more at www.evosolutions.com/refer.
- Previous experience working in large scale environments with diverse technologies
- Experience with penetration testing in AWS or Azure environments
Applicants must be fully authorized to work in the U.S. and physically be in the U.S.
CORP-to-CORP requests will NOT be entertained.
Relocation assistance will not be available for this position.
Evo is an equal opportunity employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, disability, veteran status, sexual orientation, gender identity, or any other protected factor.