Home

Required Sr. Penetration Tester in Plano, TX -NO H1B at Plano, Texas, USA
Email: [email protected]
From:

Pankaj,

kpg99

[email protected]

Reply to:   [email protected]

Hi,

Hope you are doing well.

Please find the job description below and let me know your interest.

Position: Sr. Penetration Tester

Location: Plano, TX 

Duration: 6+ Months

Mode of Interview: Phone and Video

Job Description:

Responsibilities

1.       

Conduct penetration tests across Web applications, APIs, Mobile applications, infrastructure, cloud environments, and devices.

2.     

Conduct red team engagements across complex environments (including operational technologies).

3.     

Drive all phases of penetration tests and red team engagements, including Scoping, planning, communications, timelines, and execution of key activities (reconnaissance, vulnerability identification, exploitation, and reporting).

4.     

Develop in-depth reports (issue, severity, impact, remediation recommendations) for penetration tests and red team engagements.

5.     

Develop tools and techniques to automate, scale, and accelerate adversary emulation capabilities and vulnerability discovery.

6.     

Develop exploits and POCs to evade defensive countermeasures and emulate threat actor TTPs.

7.     

Establish and mature team documentation, processes, procedures, and team KPIs.

8.     

Mentor penetration testers, red team members, and other functions where needed to drive unified and holistic outcomes.

9.     

Manage third-party pen test and red team engagements to ensure high-quality products and deliverables.

10.   

Support offensive security research, innovation, and testing across emerging capabilities (e.g. AI, LLM, ML, NLP, Smart Contracts, etc.).

Accountabilities

1.       

Execute on projects, objectives, and deliverables in alignments with team vision, mission, and goals.

2.     

Routinely develop and update offensive security documentation, processes, and technologies to adapt to emerging threat landscape.

3.     

Develop automation to scale global offensive capabilities and operational resiliency.

Collaborate with partner teams, service owners, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings.

5.     

Create and deliver trainings; and participate in security reviews, audits, on-site engagements, and support incidents after-hours when required.

Years of experience

1.       

5+ years of experience in a technical security role (e.g. Penetration Testing, Red Team, Application Security, Infrastructure Security); or  masters degree in computer science/engineering or related cyber field, and 2 years of relevant experience.

Mandatory Technical Skills

1.       

Advanced knowledge of security tools (Burp Suite, Metasploit, Cobalt Strike, Empire, Nmap, bloodhound, etc.) and multiple operating systems (e.g. Windows, Linux).

2.     

Proficient in at least one scripting language (Python, bash, PowerShell) or one programming language (Java, C#, C++).

3.     

Experience in multiple security domains (e.g. Network security, Application Security, Infrastructure Security, Cloud Security, Security operations).

4.     

Experience in aligning threat and vulnerability management efforts to frameworks and control objectives - MITRE ATT&CK, NIST CSF, ISO27001, CIS, OWASP.

5.     

Familiarity with defensive and monitoring technologies such as Intrusion prevention/detection systems (IPS/IDS), Web application firewalls (WAF), security information and event management systems (SIEMs), and endpoint detection/response (EDR) tools, as well as user and entity behavior analytics (UEBA).

6.     

Experience in developing offensive security tooling and automation is a plus.

Non-technical Skills

1.       

A proactive and positive team player who is impact-focused, driven, curious, analytical, and a self-starter.

2.     

Demonstrated ability to autonomously make high-judgment decisions and take calculated risks.

3.     

Ability to establish trust relationships and influence others to positively impact the security posture and the business.

4.     

Flexible and adaptive to support a dynamic and global environment with diverse stakeholders and ambiguity.

5.     

Solid customer orientation with excellent oral and written communication skills in English.

6.     

Must be able to operate extremely well under pressure.

Differentiating behaviors

1.       

Ability to lead globally dispersed teams to achieve a unified outcome.

2.     

Experience driving large-scale risk reduction initiatives across Fortune 500 organizations.

3.     

Ability to weigh the relative costs/benefits/trade-offs of potential actions and identify the best resolution.

4.     

Active community engagement: Bug Bounty program engagements, participation in CTFs, or contributions to open-source, etc.

5.     

Information Security certifications such as OSCP, OSCE, GPEN, GWAPT, or GXPN are a plus.

6.     

Ability to organize tasks, manage time, and prioritize actions to meet business needs.

Keywords: cplusplus csharp artificial intelligence machine learning Texas
[email protected]
View all
Tue Dec 05 20:39:00 UTC 2023

To remove this job post send "job_kill 909377" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to [email protected] -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 14

Location: Plano, Texas