Penetration Tester

$140,000 - $180,000/Yr

Arrow Search Partners - New York, NY

posted 7 days ago

Full-time - Mid Level
New York, NY
Administrative and Support Services

About the position

The Security Analyst/Penetration Tester will lead a new division within Cyber Security at a rapidly growing financial consulting firm. This role involves managing and executing security assessments, working closely with clients on vulnerability management, and effectively communicating findings and remediation strategies to stakeholders.

Responsibilities

  • Manage and execute security assessments for multiple projects simultaneously and ensure project timelines are met
  • Work with client resources on vulnerability management engagements ranging from vulnerability scanning to remediation consulting
  • Effectively communicate vulnerability findings and remediation strategy to client stakeholders including client leadership and technical security team resources
  • Manage consultants, train staff and external clients as necessary

Requirements

  • 3 - 10 years' experience in Cyber Security focused role
  • Expert penetration testing capabilities
  • Experience performing automated and manual hands-on vulnerability testing, identifying security risks within target systems and developing key recommendations to remediate identified vulnerabilities
  • Thorough understanding of open security testing standards and projects such as OWASP
  • Experience with testing tool set solutions, such as Qualys, Tenable, Rapid7, Metasploit, Burp Suite, Kali Linux, etc.
  • Knowledge of core cloud service provider (AWS, Azure, GCP) security practices and experience using security testing tools against resources in these cloud environments
  • Experience with covert computer network exploitation and red team exercises
  • Experience with enterprise secure code analysis solutions such as Veracode, CheckMarkx, AppScan source, etc.
  • Core understanding of cryptography and key management concepts
  • Experience with key network security components, including firewalls, intrusion detection systems, anti-virus/anti-malware solutions, authentication systems, logging management systems, content filtering, etc.
  • Deep understanding of key web application security vulnerabilities, such as Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF)

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service