Penetration Testing Engineer ITAR SME - Diverse Linx
Peoria, IL
About the Job
Role: Penetration Testing Engineer ITAR SME
Experience: Minimum 5 years in product penetration testing
Location: Peoria, Illinois
Technical Competencies & Experience
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
Experience: Minimum 5 years in product penetration testing
Location: Peoria, Illinois
Technical Competencies & Experience
- Having good experience and able to work independently on at least few of security tools (Qualys, Kali Linux, Nessus, Netsparker, OpenVAS, Nexpose, Wireshark, Metasploit, Burp, SQLmap, nmap, fuzzers and other penetration testing tools)
- Strong experience in performing penetration tests and/or vulnerability assessments on products (IoT devices, PCB hardware), web applications, mobile Applications, Thick client applications and networks.
- Strong knowledge & understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX/Linux), security technologies (TLS, PKI, OWASP) and Scripting languages (Python, Shell)
- Excellent knowledge on configuration review of Linux, Windows and Network devices with respect to CIS Benchmark, STIG DoD & NIST
- Network protocol knowledge i.e., TCP/IP, UDP, IPSEC, HTTP, HTTPS, DHCP/NTP etc.
- Experience with static analysis tools and software composition analysis tools
- Knowledge of Common Vulnerabilities and Exposures (CVE), Common Platform Enumeration (CPE), Common Weakness Enumeration (CWE) & CVSS (Common Vulnerability Scoring System)
- A strong understanding of technologies and associated protocols such as HTTPS, TLS, DNS, SSL, JTAG, UART...
- Handson experience with fuzzing protocols and identifying crash points. Carrying out network based attacks like DOS, starvation, overwhelming, sensitive information exposure, firmware dumping, DLL hijacking...
- Handson experience with penetration testing tools like bash bunny, rubber ducky, GreatFET, HackRF, USRP
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
Source : Diverse Linx