Information Security Consultant/Penetration Tester

Attention! This job posting is 544 days old and might be already filled.
Kraft Kennedy Published: November 29, 2015

<p><b>Roles and Responsibilities</b></p>
<p><span style="font-weight: 400;">We are looking for a passionate </span><b>Information Security Consultant/Penetration Tester </b><span style="font-weight: 400;">with strong experience in performing penetration tests and vulnerability assessments on networks, web applications and other types of computer systems. In addition, experience in security architecture, technology, risk, compliance and governance is desired. </span></p>
<p><span style="font-weight: 400;">The successful candidate will be an integral part of our growing Information Security &amp; Governance consulting practice </span><b><i>focused on vulnerability assessments, penetration testing</i></b><span style="font-weight: 400;"> and </span><b><i>risk assessments.</i></b></p>
<p><span style="font-weight: 400;">This individual will be responsible for reviewing and testing our clients’ technical, administrative and physical controls within their information technology environment and provide guidance on mitigating the risks based upon the results. </span></p>
<p><span style="font-weight: 400;">The successful candidate must be an individual who understands business operations, information technology and security. High level communication skills are essential to successfully translate technology and security requirements into business terms. Strong client service/consulting skills are necessary for interacting with various levels of internal IT staff as well as corporate leadership.</span></p>
<p><span style="font-weight: 400;">To be successful in this role the candidate must:</span></p>
<ul>
<li style="font-weight: 400;"><span style="font-weight: 400;">Maintain working knowledge of advanced cyber threat actor tactics and techniques</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Research, identify and understand new threats</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Conduct risk assessments, security audits, vulnerability/penetration tests with commercial, open source and self-developed tools and techniques</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Document and present findings to the team and clients</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Work with and potentially lead incident response teams</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Excel as a self-motivated individual who can work on their own as well as integrated with a team in a variety of situations</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Have excellent technical aptitude and the ability to think outside the box</span></li>
</ul>
<p>&nbsp;</p>
<ul>
<li style="font-weight: 400;"><span style="font-weight: 400;">Willingness to travel stateside is needed</span></li>
</ul>
<p><b>Desired skills &amp; Experience</b></p>
<ul>
<ul>
<li style="font-weight: 400;"><span style="font-weight: 400;">2+ years conducting vulnerability and penetration testing, security audits, and risk assessments.</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Consulting experience is required</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Experience in a number of IT disciplines may provide a solid framework for this position, but hands-on results from performing IT risk assessments, information security consulting or IT audits are required</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">CISA, CISSP, CEH, GPEN, Security + or equivalent security testing and architecture certifications</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Proven experience with security tools such as Nmap, Metasploit, Nexpose, Nessus, Kali Linux, etc., as well as other various commercial and self-developed tools is preferred</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Ability to perform wireless security testing and assessments</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Must possess strong verbal and written skills</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Experience with scripting languages such as python, ruby, etc., as well as familiarity with programming languages such as: C/C++/ObjC/C#, Java, PHP, or .NET is preferred</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Strong knowledge of the Windows client/server architecture and familiarity with Linux/Unix</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Strong networking knowledge with a focus on security</span></li>
<li style="font-weight: 400;"><span style="font-weight: 400;">Familiarity with incident handling techniques and processes desired</span></li>
</ul>
</ul>
<p>&nbsp;</p>
<ul>
<li><b><i><b><i>Law firm experience is a definite a plus!</i></b></i></b></li>
</ul>
<p>&nbsp;</p>
<p>&nbsp;</p>

Apply
 upload file ... Limit reached, delete at least one file below to add more.