Decision Point Security, Inc · Cybersecurity Test Engineer · Remote · Full time

Decision Point Security Inc. is currently seeking a dedicated and skilled Cybersecurity Test Engineer to join our growing team. As a cybersecurity test engineer, you will be responsible for validating the security posture of customer applications and platforms through vulnerability research / analysis and penetration testing. Your ability to think creatively about potential threats, and to develop and execute test cases using the latest cyber threat Tactics, Techniques, and Procedures (TTPs) to assess exposure, will ensure that our clients achieve and maintain cyber resilience.

About Decision Point Security, Inc

The Decision Point team has over 150 years of combined experience delivering solutions based on sound research principles and critical thinking. Members of the team have been trusted with hardening and assessment of some of our nation’s critical defense infrastructure and weapon systems. We understand that achieving and maintaining adequate security requires a thorough understanding of people, processes, and systems. Challenges associated with each of these areas are dynamic and can be costly. Let our team work with you to deliver practical, cost-effective solutions.

Description

Responsibilities:

  • Plan and execute red / purple team activities, including simulated attacks, application penetration testing, and risk assessments.
  • Lead and participate in threat model development.
  • Evaluate and analyze identified vulnerabilities to assess risk levels and provide clients with informed recommendations on technical security measures and compliance activities.
  • Develop and automate testing tools.
  • Identify and provide improvements on existing services, including continuous improvement of methodologies, tools and reports.
  • Ensure quality control measures are adhered to for test execution and the production of delivery artifacts.
  • Write clear and concise reports detailing findings and recommendations for remediation of identified vulnerabilities.
  • Review applications and systems for compliance with applicable security standards and best practices.
  • Conduct / contribute to comprehensive risk assessments and vulnerability analyses to identify potential security threats and mitigate risks.

The listed responsibilities are not exhaustive and additional responsibilities may be assigned based on the evolving needs of the organization. We are seeking a dynamic individual who is able to adapt and take on new responsibilities as they arise.


Required Qualifications:

  • 2+ years of experience in Cybersecurity.
  • Relevant technical certifications such as Offensive Security Web Expert (OSWE) or Offensive Security Certified Professional (OSCP).
  • Experience in network/host-based penetration testing tradecraft and methodologies.
  • Experience in web application penetration testing.
  • Ability to work independently and as part of a team.
  • Strong technical writing skills.
  • Strong understanding of cybersecurity principles, technologies, and best practices, including encryption, authentication, access control, and secure coding practices.


Preferred Experience and Qualifications:

  • Hold a Bachelor’s degree from an accredited college in a relevant discipline, OR equivalent experience.
  • Experience in a consulting/professional services role
  • Experience in Application Security and/or Software Development
  • Familiarity with software development methodologies and practices, particularly Agile and DevSecOps.
  • Experience with DevOps and/or Security Maturity Modelling (e.g. OWASP SAMM)
  • Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g. AWS, GCP, etc.).
  • Proficiency in network/host-based penetration testing tradecraft and methodologies.
  • Proficiency in web application penetration testing.
  • Skilled at translating technical implementation (infrastructure as code and configuration as code)
  • Experience conducting / contributing to comprehensive risk assessments and vulnerability analyses
  • Experience testing against one or more IT security compliance frameworks, such as PCI, FISMA, HIPAA, FedRAMP, or HITRUST.
  • Assessment of security controls across modern enterprise services architecture


Required:

  • US Citizenship
  • Ability to hold a clearance


Benefits:

  • Generous 401(k) contribution, matching not required
  • Company Paid Health Insurance
  • Company Paid Dental insurance
  • Company Paid Vision Insurance
  • Company Paid Life Insurance
  • Paid Training
  • Home Office Stipend
  • 11 Federal Holidays
  • Paid Time Off


Location:

  • Work will be conducted remotely