The Penetration Tester/Threat and Vulnerability Management Engineer 2 manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Monitors overall compliance with security standards and conducts periodic security audits using techniques such as ethical hacking and penetration testing. Understands department, segment, and organizational strategy and operating objectives, including their linkages to related areas. Makes decisions regarding own work methods, occasionally in ambiguous situations, and requires minimal direction and receives guidance where needed. Follows established guidelines/procedures.
Typically requires Bachelor's degree or equivalent experience and 5 years or more of technical experience
Preferred Qualifications / Information about the role:
- 1-2 years of experience in cyber security testing, defense, red teaming or penetration testing
- Experienced in setting up testing scenarios from an adversarial perspective or performing reconnaissance on a company in order to test cyber defense and detection.
- Experienced in exploiting application layer vulnerabilities and creating and/or customizing exploits
- Ability to create and/or customize exploits in order to penetrate a network
- Knowledge of OWASP Top 10
- Ability to report and discuss technical findings to non-technical people.
- Penetration Testing Security Certification (e.g., CEH, OSCP, OSWP, eCPPT, eWAPT, eMAPT)
- Ability to exploit vulnerabilities in Linux
- Ability to exploit vulnerabilities in Windows
- Knowledge of Powershell or another scripting language
- Ability to exploit network equipment and/or embedded devices
- Experience with social engineering tests
- Experience with phishing campaigns
Scheduled Weekly Hours40