Pen Tester - REMOTE

Publisher :

HAYS PLC

sector :

IT Sector

Job title :

Pen Tester

location :

Tampa, U.S.

Contract type :

Permanent

Working hours :

Telework/Home work

Salary :

Gross remuneration Yearly

Other

Smart Working
International experiences
Available for business trips

Description

Description

An American Company is seeking a Remote Pen Tester


Role Description


• Work closely with Scrum Teams as a security consultant and educator.

• Through hands-on testing, verify security controls are in place for recently deployed applications and solutions.

• Automate repeatable security checks through scripting or other techniques.

• Assess and recommend methods for consistently implementing security controls through DevOps workflow.

• Create reports both summarizing and detailing findings for Devops, Scrum, and Security Teams. Coordinate with Information Security and Scrum teams to ensure work is prioritized based on risk to the organization.


Skills & Requirements


• Bachelor’s degree in Information Systems or related field or equivalent work experience.

• 5+ years of experience performing penetration tests.

• Knowledge of managing the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.

• Scripting and / or programming experience.

• Excellent organization, communication, collaboration, and interpersonal skills.

• Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively at all levels of the organization.

• Experience working within a large, complex corporate environment providing consulting services on large initiatives.

• Experience managing and prioritizing multiple tasks in an effective manner.

• Knowledge and understanding of network and security fundamentals, protocols, and technologies.

• Strong understanding of mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology.

• Understanding of Technology Platforms (Windows, Linux, Open Source, Middleware Applications, Database Applications, Firewalls).

• Experience developing and providing effective and professional presentations to all levels (including Senior Management).

• Knowledge of cloud computing technology (e.g. Azure, Google Cloud, AWS, etc.).


Preferred Qualifications:

• Industry-recognized security, network, or other professional certifications.

• Experience in conducting training and mentoring of less experienced security professionals.

• Strong subject matter expertise in penetration testing and vulnerability remediation.

• Strong understanding of Information Security industry standards/best practices such as NIST.

• Strong understanding of Information Security related laws and regulations including HIPAA and PCI.

• Experience with engineering and/or architecture of technologies such as network firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.

• Working knowledge of MITRE ATT&CK Framework, Penetration Testing Framework (PTF), and OWASP.

• Knowledge of API security best practices.

This announcement is aimed to both genders and people of all ages and all nationalities.

We ask you to read our privacy policy available at this link https://ominee.com/en/legal/privacy-policy.