About Specialized Security Services, Inc.
For over two decades, our expert team has successfully assisted organizations with the implementation and oversight of their information security, privacy, and regulatory compliance programs. Our reputation is our own, built upon our steadfast commitment over the years to do the right thing and go above and beyond for our clients. We pride ourselves on our ability to think outside-the-box, stay nimble and succeed as a team. Additionally, education is important to Specialized Security Services, Inc. We encourage all team members to grow their knowledge base through continuing education, and as such offers reimbursement for industry related certifications.
Position Summary
The Senior Penetration Tester role offers an exciting opportunity to work on a range of high-profile client engagements while continuing to deepen their skills and broaden their impact on the security community as a whole. They will work with team members to lead penetration and vulnerability management engagements, assessing the security and compliance of various types of client applications and supporting infrastructure against regulatory and industry requirements and standards, as well as security best practice frameworks.
The ideal candidate is a technical leader with broad and deep technical skills, meeting the objectives of their engagements, collaborating with clients, and providing subject matter expertise across one or more technical domains. The Senior Penetration Tester is a trusted advisor to clients, and through objective penetration testing and results reporting, supports the client in making well-informed, risk-based decisions to improve overall security posture.
Responsibilities
- Conduct network, web application and other types of penetration testing, code reviews, social engineering, red team engagements, and physical security assessments.
- Conduct security assessments on a wide variety of technologies and implementations.
- Simulate sophisticated cyberattacks for clients worldwide.
- Being part of a global team of penetration testers, sharing knowledge and methodologies.
- Running and conducting penetration test projects with minimal oversight.
- Perform Vulnerability Assessments, Penetration Test, Ethical Hacking, Firewall Assessments, Social Engineering engagements.
- Manage priorities and tasks to achieve utilization targets.
- Advise clients on technical security or compliance activities.
- Produce reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
- Participate in the development and implementation of the enterprise security architecture and supporting security standards to ensure compliance with corporate policies, and relevant legislative and regulatory requirements.
- Either handle or escalate client and project-related issues in a timely manner.
- Collaborates with the service delivery team and quality assurance to drive customer satisfaction.
- Other duties, as assigned.
Qualifications & Experience
- 5+ years of professional experience in a penetration testing role.
- Ensures quality reports and services are delivered efficiently and on time.
- Should be well versed in all aspects of penetration testing, with an emphasis on web applications, internal networks, and external networks.
- Problem solving skills and the ability to work under pressure in a fast-paced environment.
- Experience with security hardening techniques and policy development, particularly regarding secure software development methodologies and process
- In depth knowledge of Windows/Linux/UNIX operating systems
- Demonstrates advanced knowledge of the principles, best practices architecture and design approaches to applicable capabilities, services, and standard controls.
- Experience with one or more IT security compliance frameworks (PCI, NIST, ISO, CIS)
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Operates with professionalism both internally and with clients.
Education & Certifications
- A university degree in Computer Science, Engineering, or related work experience.
- Offensive Security Certifications preferred, such as OSCP, OSWE, OSEP, OSCE
- Certified Ethical Hacker (CEH)
- Vulnerability Management/Assessment tools
- Penetration Testing tools and Scripting (Python, etc)
To All Agencies: Please, no phone calls or emails to any employee of Specialized Security Services, Inc. outside of the Talent Acquisition Team. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition Team. Any resume submitted outside of this process will be deemed the sole property of Specialized Security Services, Inc. and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.