Penetration Tester-Ethical Hacker - RedLens InfoSec

$75,000 - $115,000/Yr

Nelnet - Santa Fe, NM

posted 2 months ago

Full-time - Mid Level
Santa Fe, NM
Credit Intermediation and Related Activities

About the position

CampusGuard, a Nelnet Company, is dedicated to providing top-notch information security services tailored for campus-based organizations, including higher education institutions, healthcare providers, and government agencies. As a full-service information security firm, we leverage our extensive knowledge and adhere to industry standards to deliver world-class security and compliance services. Our division, RedLens InfoSec, focuses on protecting personally identifiable information through comprehensive assessments of systems, infrastructure, personnel procedures, and physical security. The Penetration Tester/Ethical Hacker plays a crucial role in assessing the risk and vulnerability posture of our customers' business and operating environments. This position demands a deep understanding of network infrastructures, operating systems, and the security vulnerabilities associated with each. The successful candidate will conduct thorough scans of customer networks to identify and exploit security flaws, simulating attacks across various platforms while adhering to a specific customer-focused scope of work. This role requires a high level of technical expertise to evaluate risks and vulnerabilities effectively, as well as the ability to communicate findings to non-IT professionals clearly. Excellent oral and written communication skills are essential for reporting results to customers post-testing. Additionally, the Penetration Tester will support Security Advisors in conducting other security assessments and gap analyses when not engaged in penetration testing activities.

Responsibilities

  • Understand the Scope of Work for each customer agreement and perform the duties and tasks required by those agreements in an organized, professional manner.
  • Perform vulnerability assessments and penetration testing, utilizing commercial and open source tools.
  • Conduct web application penetration testing in line with Open Web Application Security Project.
  • Exploit security flaws and vulnerabilities with attack simulations on multiple projects working against specific customer systems and networks in accordance with an agreed scope of work.
  • Effectively provide technical risk assessment of technologies in networks, applications, systems, wireless, and perform social engineering.
  • Review and analyze security vulnerability data to identify applicability and false positives.
  • Ability to solve complex technical problems and articulate to non-IT personnel.
  • Document all processes and procedures in accordance with CampusGuard standards.
  • Report on findings and advise customers in remediation activities as required.
  • Research and develop testing tools, techniques, and process improvements.
  • Perform security assessments and gap analysis of system infrastructures in alignment with the PCI DSS, HIPAA and other well-known information security requirements when time allows.
  • Participate in sales calls as an industry expert.
  • Attend conferences as appropriate.
  • Prepare and perform industry-related presentations and/or webcasts.
  • Other sales/marketing support duties as requested.

Requirements

  • Bachelor's degree in Computer Science, Cyber Security or equivalent experience.
  • Minimum of 3 years' experience in the information security industry or equivalent experience.
  • Possess industry-recognized security certification(s) such as OSCP, GPEN, OSWE, OSWP, CompTIA PenTest+, CASP+, CRTO, PNPT.
  • Must agree to prepare for and pass certifications as directed by supervisor, such as PCI Professional (PCIP).
  • If education criteria are not met, a minimum of five years of relevant information security experience or proof of other recognized security certifications is required.

Nice-to-haves

  • Offensive Security Web Expert (OSWE), Offensive Security Certified Expert (OSCE), or Offensive Security Certified Professional (OSCP) highly preferred.
  • Experience with penetration testing of cloud hosted environments is a plus.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service