Remote within the United States
****Must be U.S. Citizen due to the nature of this position
This role will be working within our partner program and with our client’s enterprise and emerging clients. It’s estimated 75% of the time will be spent working with their partner clients, with the other 25% on their direct clients. This requires working with the partner client’s project manager and to do all reporting via their system and formatting. This requires an individual who can work both as an individual contributor or part of a team, with strong technical skills. This role also requires strong writing and speaking skills, and the ability to communicate clearly and professionally without remote management intervention.
Candidates will perform tasks outlined and scoped at the direction of the partner, work may include:
Vulnerability scanning of partners clients using Nessus
Network Security Assessment using a methodical approach, providing repeatable test results and generating associated recommendations.
Network Penetration Test, using both black- and white-box approaches
Work remotely with little supervision
Provide regular status update on projects to partner project manager and our client's partner engagement manager
College degree (B.A., B.S., or advanced degree) in information technology, computer science, another relevant field or equivalent demonstrated work experience.
CISSP, CISM/CISA, CEH, OSCP, or others
3+ years experience or equivalent ability with vulnerability scanning and network security testing
Must have experience working within the consulting field with a consulting company
Strong technical and problem-solving ability, understanding of security principles, policies, and industry best practices.
Deep experience engaging clientele in consulting-related environments
Handle pressure and rapidly changing priorities.
Finish projects on time and subsequently shift to new projects.
Work independently, as well as with others on a team; collaborate well and interact with others.
Understand and apply critical thinking, as well as flexibility. Expected problems are complex and will require different approaches, imagination, experimentation, and judgment. Conceptual analysis may be required to reframe problems, elicit required information, and viable solutions to resolve the problem.
Communicate effectively to elicit information, negotiate, resolve conflict, and gain support for solutions.
Communicate in a non-technical manner for appropriate audiences, both orally and in writing.
Separate problems into components and recognize underlying patterns and processes.
Apply industry knowledge of vulnerability scanning and network security engineering best practices
Lead and/or participate in “Red Team” or “Blue Team” (or blended) engagements
Deliver professional technical writing, including assessment reports, presentations, and procedures
Experience with appropriate tooling: Nessus (an absolute must), Nmap, Burp Suite, MetsSploit, Kali Linux or equivalent
Must be well versed with current and emerging threat/vulnerability data resources such as OWASP Top 10
Understand network infrastructure, network services, virtualization, authentication, similar concepts.
Perform manual and automated reconnaissance, threat modeling, structured attacks, and penetration testing of internal and external partner systems.