HAYS PLC
HAYS PLC
...

Pen Tester - REMOTE

Job Title

Pen Tester

Sector

Sector informático

Lugar

Tampa, U.S.

Salario

Remuneración bruta 25000.00 - 35000.00 € Anual

Job Type

Indefinido

Horario de trabajo

Trabajo a distancia o desde casa

Job Description

An American Company is seeking a Remote Pen Tester


Role Description


• Work closely with Scrum Teams as a security consultant and educator.

• Through hands-on testing, verify security controls are in place for recently deployed applications and solutions.

• Automate repeatable security checks through scripting or other techniques.

• Assess and recommend methods for consistently implementing security controls through DevOps workflow.

• Create reports both summarizing and detailing findings for Devops, Scrum, and Security Teams. Coordinate with Information Security and Scrum teams to ensure work is prioritized based on risk to the organization.


Skills & Requirements


• Bachelor’s degree in Information Systems or related field or equivalent work experience.

• 5+ years of experience performing penetration tests.

• Knowledge of managing the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.

• Scripting and / or programming experience.

• Excellent organization, communication, collaboration, and interpersonal skills.

• Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively at all levels of the organization.

• Experience working within a large, complex corporate environment providing consulting services on large initiatives.

• Experience managing and prioritizing multiple tasks in an effective manner.

• Knowledge and understanding of network and security fundamentals, protocols, and technologies.

• Strong understanding of mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology.

• Understanding of Technology Platforms (Windows, Linux, Open Source, Middleware Applications, Database Applications, Firewalls).

• Experience developing and providing effective and professional presentations to all levels (including Senior Management).

• Knowledge of cloud computing technology (e.g. Azure, Google Cloud, AWS, etc.).


Preferred Qualifications:

• Industry-recognized security, network, or other professional certifications.

• Experience in conducting training and mentoring of less experienced security professionals.

• Strong subject matter expertise in penetration testing and vulnerability remediation.

• Strong understanding of Information Security industry standards/best practices such as NIST.

• Strong understanding of Information Security related laws and regulations including HIPAA and PCI.

• Experience with engineering and/or architecture of technologies such as network firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.

• Working knowledge of MITRE ATT&CK Framework, Penetration Testing Framework (PTF), and OWASP.

• Knowledge of API security best practices.

Company

In case you offer a job
Crea una oferta de trabajo Create a company page