Vulnerability Assessment / Penetration Tester - Axelon Services Corporation
FORT LAUDERDALE, FL 33394
About the Job
Global Financial Firm located in FORT LAUDERDALE, FL has an immediate contract opportunity for an experienced Vulnerability Assessment / Penetration Tester
"This role is currently on a Hybrid Schedule.
You will need to have reliable internet, computer and android or iphone for remote access into the client systems during remote work.
We will be expected in the office weekly 2-3 days depending on the team requirement.
****Video/ f2f interviews are required prior to all offers.
Responsibilities:
" Provide Vulnerability Assessment/Penetration Testing services to Client businesses globally through a comprehensive testing process
" Participate in special projects ranging from rush testing of critical components to architecture reviews with sister teams to shift-left
" Acting as an SME for Infrastructure Penetration Testing in cross-functional efforts/projects
" Participate in the enhancement of testing processes and methodologies
" Identify weaknesses and vulnerabilities within the system, exploit them and propose countermeasures
" Validation of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standards
" Scan systems and applications, leverage initial results to build a subsequent attack methodology and execute effectively
" Report Information Security vulnerabilities to businesses in an actionable manner
Qualifications:
" 3-5 years of relevant experience in offensive security with a history of gradually expanding experience prior
" Exceptional interpersonal skills and a proven track record of working effectively with globally diverse teams
" The ability to understand new and emerging technologies rapidly to keep up with an ever changing threat landscape
" The ability to effectively document and explain exploits/vulnerabilities to technical and non-technical audiences including to senior leadership
" Demonstrable proficiency in producing comprehensive penetration testing reports with actional recommendations
" Deep understanding of TCP/IP, Infrastructure stacks(i.e. 3 tier, segmented environments)
" Demonstrable experience working effectively in Enterprise environments
" Demonstrate hands on experience with Vulnerability Assessment/Enumeration tools, e.g., Tenable Nessus, Qualys VM, OSS enumeration tools
" Demonstrate hands on experience with penetration testing tools i.e. Kali suite, open-source tooling, Living Off The Land(OS)
" Understanding of defensive security principles with an ability to demonstrate offensive opportunities
" OS and Network Security Experience, e.g. Unix, Linux, Windows, Cisco, etc
" Understanding of common protocols, e.g. DNS, SMTP, SNMP, LDAP, Routing Protocols
" Hands on experience with MITRE Telecommunication&CK Framework or similar
" Experience with TTP s, IOC s and advanced threat analysis
" Threat Mapping experience
Certifications:
" OSCP, OSCE, GXPN, CREST or similar demonstrable experience
" Nice to have: CCNP, CISSP, TOGAF/SABSA, Microsoft/Linux Certifications
Other skills and abilities:
" Scripting(Bash, Python etc)
" Reverse Engineering / Exploit Development
" Design experience/understanding ( infrastructure/systems/enterprise)
Education:
" Bachelor's Degree or similar work experience
"This role is currently on a Hybrid Schedule.
You will need to have reliable internet, computer and android or iphone for remote access into the client systems during remote work.
We will be expected in the office weekly 2-3 days depending on the team requirement.
****Video/ f2f interviews are required prior to all offers.
Responsibilities:
" Provide Vulnerability Assessment/Penetration Testing services to Client businesses globally through a comprehensive testing process
" Participate in special projects ranging from rush testing of critical components to architecture reviews with sister teams to shift-left
" Acting as an SME for Infrastructure Penetration Testing in cross-functional efforts/projects
" Participate in the enhancement of testing processes and methodologies
" Identify weaknesses and vulnerabilities within the system, exploit them and propose countermeasures
" Validation of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standards
" Scan systems and applications, leverage initial results to build a subsequent attack methodology and execute effectively
" Report Information Security vulnerabilities to businesses in an actionable manner
Qualifications:
" 3-5 years of relevant experience in offensive security with a history of gradually expanding experience prior
" Exceptional interpersonal skills and a proven track record of working effectively with globally diverse teams
" The ability to understand new and emerging technologies rapidly to keep up with an ever changing threat landscape
" The ability to effectively document and explain exploits/vulnerabilities to technical and non-technical audiences including to senior leadership
" Demonstrable proficiency in producing comprehensive penetration testing reports with actional recommendations
" Deep understanding of TCP/IP, Infrastructure stacks(i.e. 3 tier, segmented environments)
" Demonstrable experience working effectively in Enterprise environments
" Demonstrate hands on experience with Vulnerability Assessment/Enumeration tools, e.g., Tenable Nessus, Qualys VM, OSS enumeration tools
" Demonstrate hands on experience with penetration testing tools i.e. Kali suite, open-source tooling, Living Off The Land(OS)
" Understanding of defensive security principles with an ability to demonstrate offensive opportunities
" OS and Network Security Experience, e.g. Unix, Linux, Windows, Cisco, etc
" Understanding of common protocols, e.g. DNS, SMTP, SNMP, LDAP, Routing Protocols
" Hands on experience with MITRE Telecommunication&CK Framework or similar
" Experience with TTP s, IOC s and advanced threat analysis
" Threat Mapping experience
Certifications:
" OSCP, OSCE, GXPN, CREST or similar demonstrable experience
" Nice to have: CCNP, CISSP, TOGAF/SABSA, Microsoft/Linux Certifications
Other skills and abilities:
" Scripting(Bash, Python etc)
" Reverse Engineering / Exploit Development
" Design experience/understanding ( infrastructure/systems/enterprise)
Education:
" Bachelor's Degree or similar work experience
Source : Axelon Services Corporation