Senior Penetration Tester (5024)
Portland Metro Area, Oregon | Consulting
- Conduct initial penetration test scoping/kick off meetings with business stakeholders
- Lead network, web application, mobile and web service penetration testing within the designated scope and rules of engagement
- Lead regular meetings with business stakeholders to ensure remediation efforts adhere to corporate standards and policies
- Provides analysis of remediation actions taken, opportunities for improvement and blockers
- Provide mentoring and training to junior members of penetration testing team
- Perform required audit related tasks from internal audit, SOX and PCI activities
- Interface with other CIS organizations such as Governance, Risk and Threat Intelligence to report on program status and coordinate risk tracking
- Maintain and compose operational process documentation regarding program execution
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience
- 5+ years of IT professional experience
- 2+ years Information Security experience
- Understanding of a variety of technical concepts such as: Networking, systems administration, application development, and information security practices
- Experience with data analytics with the ability to provide qualitative analysis and recommendations
- Strong verbal and written communication skills
- Strong organizational and/or project management skills
- Ability to develop strong working relationships with a variety of other enabling teams
- Strong attention to detail, data accuracy, and data analysis
- Self-motivated and operates with a high sense of urgency and a high level of integrity
- Technical administration of Vulnerability or Secure Code solutions such as Metasploit, Burp, ADB, Rapid7 Nexpose, Qualys, WhiteHat, HP Fortify, Veracode, AppSpider
- Windows Servers, Desktops, Laptops
- UNIX Servers (Solaris, Red Hat Enterprise)
- Network Switching and Routing (Cisco, Juniper)
- Familiarity of TCP/IP and associated protocols
- Certifications such as GIAC Penetration Testing (GPEN) or GIAC Web Application Penetration Testing (GWAPT) are strongly preferred
- Previous experience working in large scale environments with diverse technologies
- Experience and knowledge of performing security tasks within AWS or Azure cloud environments
- Ability to automate technical tasks through use of API or scripting
Applicants must be fully authorized to work in the U.S. and physically be in the U.S.
CORP-to-CORP requests will NOT be entertained.
Relocation assistance will not be available for this position.
Evo is an equal opportunity employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, disability, veteran status, sexual orientation, gender identity, or any other protected factor.