• Penetration Tester (Independent Contractor)

    Job Locations US-CA-San Diego
    Job ID 2018-1052
  • Overview

    We are seeking a qualified Penetration Tester (Independent Contractor) in San Diego, CA to provide cybersecurity support as needed for our commercial clients.


    • Conduct network, web application, wireless, and social engineering penetration tests using popular testing platforms including BackTrack/Kali, Metasploit Pro, Cobalt Strike, etc.
    • Conduct vulnerability assessments, security audits, and risk assessments of complex systems.
    • Perform in a sales engineering role including explaining security concepts and the need for penetration testing as well as performing project scoping.
    • Support Sales personnel by developing and maintaining positive relationships with clients.
    • Create additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards and leading practices.
    • Perform other duties as assigned.


    • Three (3) or more years of pen testing experience.
    • Bachelor's degree in cybersecurity or a related technical field; or three (3) additional years' experience in IT, security, risk management or professional services.

    • Experience and strong ability to use Penetration Testing distributions such as BackTrack, Kali Linux, Pineapple OS, PwnPi OS, and related peripheral hardware (or ability to use custom tools and scripts authored and organized by the candidate).
    • Knowledge of penetration testing methodologies such as PTES and Rapid7's DREAD Methodology.
    • Deep understanding of security principles, policies and industry best practices.
    • Knowledge and experience with security defensive countermeasures, both software and hardware, including antivirus, firewalls, IDS/IPS, SIEM, etc.
    • Experience with using open source security tools.
    • Experience in systems administration of Windows, Linux and BSD.
    • Strong understanding of cross-site scripting and SQL injection vulnerabilities and attacks.
    • Understanding of wireless LAN protocols and various WLAN vulnerabilities and attacks.
    • Conceptual understanding of social engineering techniques such as phone pre-texting or e-mail phishing.
    • Proven ability to react constructively and positively in unexpected situations in front of a client.
    • Certified Information Systems Security Professional (CISSP) or equivalent certification is a plus.
    • Certified Ethical Hacker (CEH) certification is a plus.
    • Experience in popular programming languages and shell scripting is a plus.
    • Knowledge of FISMA, NIST, DISA, ISO 17799, PCI, GLBA and HIPAA is a plus.

