Penetration Test/Simulated Attack Specialist

Clear Ridge Defense - Baltimore, MD

Job Description


Security Engineer/Penetration Tester


***This is a Part-Time position ***

Work individually or part of a small team performing comprehensive security assessments and penetration testing against small and large-scale networks. Conduct the assessment of threats and vulnerabilities through testing and evaluation activities. These can include web penetration testing, internal and external security assessments, vulnerability discovery and exploitation, post exploitation impact analysis, and physical security. Able to conduct hands–on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments. Conduct scenario–based security testing, or red teaming to identify gaps in detection and response capabilities of client networks. Apply knowledge to develop comprehensive and accurate reports and presentations as needed and communicate findings to stakeholders. Apply security testing and penetration testing techniques and mindset to a wide range of projects.

Basic Qualifications:

-3+ years of experience with programming in one or more of the following: Python, Ruby, Bash, C, or C++, including scripting and editing existing code

-3+ years of experience in two or more of the following: network vulnerability assessments, Web application security testing, network penetration testing, or red teaming

-2+ years of experience with penetration testing tools, including Kali Linux, Burp, Nmap, Wireshark, Nessus, Metasploit, Core Impact, and Cobalt Strike, WebInspect, AppDetective, Hailstorm, Aircrack–ng, and Kismet

-Experience with using, administering, and troubleshooting Linux and Windows environments

-Experience with Windows environments and Active Directory concepts

-Knowledge of applications, database, and Web server design and implementation

-Knowledge of network protocols, common vulnerabilities, attack vectors and open security testing standards, including OWASP Top 10

-Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff

Preferred Additional Qualifications:

-5+ years Experience with programming at least one of the following: Perl, Python, Ruby, Bash, C or C++, C#, PHP, iOS, SQL, or Java, including scripting and editing existing code

-BS degree in Computer Engineering, CS, or other technical field

-Experience with assembly languages, including x86 or reverse engineering

-Experience with wireless LAN security, including 802.11 standards

-OSCP, OSCE, or OSWE or SANS Certification


Posted On: Saturday, October 20, 2018

Apply to this job
  • *
  • *
  • *