Keep current on leading-edge exploitation and post-exploitation techniques and apply them to mature our methods and tools in day to day vulnerability testing and penetration testing processes.
Plan, execute, and lead third-party services to deliver expected quality and timeliness of security testing and remediation management strategy, programs and projects.
Take ownership of managing stakeholder engagement and deliver timely on security testing and remediation management goals; proactively identifying and escalating concerns to senior management in a timely manner.
Gain an in-depth understanding of the operating environment including infrastructure, applications and services.
Conduct infrastructure and application pen tests
Create and demonstrate proof of concepts where vulnerabilities are found (Validation)
Conduct risk assessments, considering environmental controls to determine and articulate remediation strategy and priority.
Partner with and provide guidance/support to stakeholders for meeting remediation plans and target dates.
Prefer degree in Engineering, Computer Science, Information Systems, or equivalent work experience.
3 to 5 years of experience in information security testing and vulnerability remediation management roles
Excellent written, verbal, and communication skills to address various levels of the organization (i.e. executives, system engineers, etc.)
Ability to establish priorities, work independently and proceed with objectives
Experience and skills to perform application and network penetration testing and ethical hacking utilizing both automated tools, as well as manual exploitation techniques.
Working knowledge of vulnerability classification methodologies and CVE definitions to prioritize remediation.
Ability to approach problems with an innovative, can-do attitude.