10 days ago
SENIOR NETWORK & CLOUD PENETRATION TESTER (Full-Remote)
You must be a U.S. Citizen or Permanent Resident in order to qualify.
- Perform cloud and network vulnerability assessment networks and hosts
- Execute network penetration tests and red team engagements with offices and employees to assess the effectiveness of security controls
- Complete documentation of all activities/tasks within the team's defined procedures
- Identify upgrades that are required for existing tools
- Proficient in scripting languages such as Python, PowerShell, and Bash.
- Competent with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire, and AutoSploit.
- Experience conducting penetration-testing/red team engagements as a consultant or within a previous role in a professional organization.
- Strong AWS architecture, and CLI/API fundamentals, particularly for most common AWS services.
- Strong fundamentals with AWS security services, including CloudTrail, CloudWatch, GuardDuty, KMS, SSO, Secrets Manager, Cognito, VPCs / VPC Flow Logs
- Understanding AWS attack vectors and possible misconfigurations, such as IAM privilege escalation methods, EC2 Systems Manager, Cloud
- Strong operating system knowledge across *nix, Windows, and Mac; proficient with networking protocols.
- Ability to obtain and maintain persistence within corporate systems, while avoiding detection.
- Familiarity with defensive and monitoring technologies such as intrusion prevention/detection systems (IPS/IDS), security information and event management systems (SIEMs), firewalls, endpoint protection (EPP), and endpoint detection/response (EDR) tools, as well as user and entity behavior analytics (UEBA).
- Understanding of OWASP, the MITRE ATT&CK framework, and the software development lifecycle (SDLC).
- Strong communication skills, written & verbal
- A strong curiosity for all things security.