| Penetration Tester__H1B, CPT, OPT__Remote at Remote, Remote, USA |
| Email: [email protected] |
| From: shreya singh, RCI [email protected] Reply to: [email protected] Position: Penetration Tester Location: Orlando, FL - REMOTE Length: 6-9Months contract Interview: Video Visa Status: All visas except H1B, CPT, OPT LinkedIn Needed Special note : This Position Might Reach its maximum submittal limit Within 1-2 Hour, So Please Share Profile As soon as possible. Responsibilities: Perform red and purple team assessments, assumed breach assessments, threat analysis, and social engineering assessments. Communicate findings, associated risks, business impacts, and strategies to client stakeholders, including technical staff, executive leadership, and legal counsel. Research threats, vulnerabilities, and exploit techniques that attackers may use to exploit people, processes, and technology. Develop and prototype novel capabilities and techniques to enhance KPMG US Cybers red teaming capabilities and to avoid defensive countermeasures. Debug exploits and extend red team operations infrastructure automation. Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement. Understand clients' business environment and basic risk management approaches. Guide technical audiences on remediation options and assist them in weighing those options. Take ownership for delivering high-quality technical and executive reports. Partner with the other KPMG Cyber teams to support the practice and mentor junior and offshore team members on tradecraft and red team operations. Required: Minimum three (3) years of recent experience working with application and/or network penetration tools to perform security tests. Experience with breaching external networks and conducting post-exploitation across applications, internal infrastructure, and cloud environments. Understanding of real-world adversary operations TTPs. Experience applying frameworks (e.g., MITRE ATT&CK) in red and purple team engagements. Minimum two (2) years of recent experience conducting red and purple team exercises. Expertise in at least one common C2 framework (e.g., Cobalt Strike, Mythic, Empire). Experience evading antivirus, egress filtering, application allow-listing, and other security controls. Experience with several programming languages (examples include Bash, Python, C/C#/C++, Go, and Rust). Experience with quickly configuring and deploying resilient and flexible infrastructure. Ideally proven ability to automate red team operations infrastructure. Desirable certifications: SCP, OSEP, OSCE3, GRTP, GXPN, CRTO I/II, Sektor7. Ability to travel as necessary (up to 25%). Preferred Qualifications: Security community participation (e.g., conference speaker, tool development contributor). Track record in vulnerability research and CVE assignments. Experience with PE file format and low-level Windows APIs and internals. Experience with reverse engineering and Windows debugging (e.g., via IDA, Ghidra, WinDBG, etc.). Knowledge of EDR detection capabilities such as Carbon Black/CrowdStrike, etc. and associated evasion techniques for behavioral based alerts Thanks and Regards _______________________________ Shreya Singh Resource Consultings Services Inc. Parsippany, NJ Ofc :: +1 732-419-1488 Email: [email protected] www.rconsultinginc.com Keywords: cprogramm cplusplus csharp golang Florida New Jersey Penetration Tester__H1B, CPT, OPT__Remote [email protected] |
| [email protected] View all |
| Thu May 16 23:32:00 UTC 2024 |