Information Security Analyst (Penetration Testing) - Tevora
Fairfax, VA
About the Job
Information Security Analyst (Penetration Testing)
at Tevora
Irvine, CA and Fairfax, VA
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the role?
Tevora is seeking an Analyst to join the Threat, Penetration testing team. This is a growth-oriented role within Tevora's consulting team and you will be expected to contribute to the overall practice through meaningful client work, security community involvement, as well as continuing education. The right candidate will have technical proficiency, experience in Penetration Testing or a related field, and a passion for information security and computer systems. In this position you will analyze and attack our client's services, applications, and networks to ensure they are secured against the latest threats.
A day in the life could include:
- Actively participate in application penetration testing, network penetration testing, wireless network assessments, and social engineering projects
- Produce high-quality penetration testing reports for client executives and technical personnel
- Present the results of penetration testing activities, including an explanation of findings and recommended remediations
Necessary skills and qualifications:
- Minimum of 1-2 years of professional experience in penetration testing, information security, or other relevant technical roles.
- Preferred Bachelor's Degree or achievement of or in process with at least one industry certification: OSCP, OSCE, GWAPT, GPEN, and GXPN
- Ability to learn and willingness to be challenged
- Knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, mobile, and web application security
- Experience using various penetration testing tools (such as NMAP, Nessus,Cobalt Strike,Burp Suite, Metasploit, etc.) on Windows and Linux
- Knowledge of scripting languages (such as, Python, Ruby, Perl, Bash, VB/WScript, PowerShell, etc.)
- Experience with the theory and usage of penetration testing frameworks like SANS, OWASP Testing Guide v4, NIST or PTES
- Excellent written and verbal communication, multi-tasking, time management, and analytical abilities
- Dynamic, enthusiastic attitude with the ability to make concrete progress in the face of ambiguity and incomplete knowledge with a strong sense of ownership, urgency, and drive
Bonus Points:
- Experience and proficiency in one or more application programming languages and frameworks
- Computer Science or Electrical Engineering or related degree.
- T. and network administration experience
- Open-source contributions
- Proficiency in reverse engineering x86 and/or ARM binaries
- iOS and/or Android Application testing experience
- Desktop Application testing experience
- Hardware hacking skills: Soldering, reflow, dumping ROMs, firmware analysis, board protocol fuzzing/interaction (JTAG, UART, SPI, etc)
We've got you covered!
- Comprehensive benefits offering
- Paid time off and holidays
- 401k with Company match
- Vibrant work culture
Additional requirements:
- A valid driver's license is required.
- Eligibility to work in the United States.
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.