Make an Impact with A-Players, Earn Creative Freedom | Why This Role is Worthwhile

Cybersecurity is set to become a $10 trillion criminal enterprise by 2025, outpacing the illegal drug trade. You have the unique opportunity to make an impact on one of the most important problems of our time.

In this role, you will work with a team of penetration testers to conduct enterprise-level penetration tests to find vulnerabilities and deliver reports that leave no doubt in the minds of our clients’ most important stakeholders. The senior penetration tester will have the opportunity to advance their careers through 1:1 coaching and development of their technical craft, consultative, managerial, and leadership skills.

If you want to surround yourself with A-Players, have the drive and desire for creative freedom, and want to make a huge impact, this position is for you. We also have a great culture and amazing benefits. We highly recommend that you read a few of our blog posts on culture, check out our YouTube channel, and see what you can find on the internet. We’re an open book.

Supervisory Responsibilities

· Delegate to penetration testers to provide stretch opportunities, coaching them to deliver results.

· Occasional report quality assurance for penetration testers.

Core Responsibilities

We are looking for a full-time (exempt) individual looking to start their cybersecurity career, who is passionate about technology and innovation, and is looking to step into a highly visible role with high-growth tech clients across the US. This position will report to the Renegade Labs Practice Leader.  

In this role, you will:

• Execute a variety of complex penetration testing assessments and vulnerability assessments including network pentesting, web application pentesting, and cloud penetration testing.
• Enhance testing by identifying novel attack patterns against systems and applications based on real-world data.Act as a subject matter expert in offensive information security, performing dynamic and manual security assessments on applications, networking interfaces, middleware infrastructure, operating systems, and databases.
• Develop new testing methods and techniques to identify vulnerabilities and entry points that attackers may use to exploit applications, networks, and systems.
• Continuously learn and keep pace with quickly moving and dynamic adversaries.
• Employ strong technical writing and presentation skills to report and articulate assessment results to any audience.
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation

Education and Experience

·        2+ years of experience with multiple types of penetration testing

·        Experienced and comfortable interacting and communicating with teammates and customers

·        Experience attacking Active Directory and supporting components (SQL Server, Exchange, etc.)

·        Experience attacking modern web stacks and identifying issues beyond scanner results

·        A practical knowledge of scripting languages (Python, Bash, and PowerShell being the most useful)

·        Strong comfort with advanced usage of Windows and/or Linux

·        Ability to meet deadlines with a high degree of motivation and teamwork

·        Excellent written and oral communication skills

Certifications

Possession of or in the process of obtaining two or more security-related certifications:

o  Offensive Security Certified Professional (OSCP)

o  Offensive Security Experienced Penetration Tester (OSEP)

o  Offensive Security Web Expert (OSWE)

o  GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

o  eLearnSecurity Certified Penetration Tester eXtreme (eCPTXv2)

o  eLearnSecurity Web Application Penetration Tester eXtreme (eWPTXv2)

o  Certified Red Team Operator (CRTO)

o  Certified Red Team Professional (CRTP)

o  Certified Red Team Expert (CRTE)

Things considered a plus:

o  Public blog/website

o  Active GitHub profile

Specific Benefits

·        Training/professional development budget for certifications

·        Conference attendance budget

·        Certification exam reimbursement

Physical Requirements

·        Prolonged periods sitting at a desk and working on a computer.

·        Must be able to lift to 15 pounds at times

Disclaimer: Risk3sixty reserves the right to change job duties at any time and the job description is not designed to cover every requirement of this job.  

Date Reviewed: 11/21/2022