Cyber Security Engineer

Description

Senior Penetration Tester

Responsibilities include but not limited to

• Develop and operationalize a Pentest program

• Create necessary Policies, standards and procedures to support the Pentest program

• Conduct web application, mobile application, network, wireless, and operational technology penetration tests.

• Conduct security assessments of cloud environments and application source code review.

• Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST, PTES).

• Use common penetration testing and red-team tools, tactics, techniques, and procedures.

• Utilize custom penetration testing tools, frameworks, and infrastructure.

• Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation.

• Document and deliver technical reports on detailed findings and vulnerability remediation recommendations.

• Collaborate with clients throughout an assessment on status and vulnerability information.

• Evolve existing capabilities and toolset.

Desired Skills

• Familiarity with Security Content Automation Protocols (SCAP), Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), or Common Platform Enumeration (CPE).

• Experience creating/developing programs from scratch

• Experience drafting policies, Standards and procedures.

• Penetration Testing in 3 or more of the following:

o Web Applications

o Network (Internal / External)

o Active Directory

o Mobile Applications

o Cloud Environments

o Phishing

• Tools / Services:

o NMAP

o BurpSuite

o CrackMapExec

o BloodHound

o Ansible

o Terraform

o Git

• AWS

Qualifications/Requirements:

• Bachelor's Degree in IT related field or higher OR 10 years experience in an information technology field with a minimum of 3 years of cyber security experience.

• At least 2 years of experience related to conducting penetration tests or red-team assessments

• Offensive Security Certified Professional preferred but not required: OSCP experience and knowledge required.

• General knowledge and understanding of information security and privacy-related regulations.

Requirements Enterprise Risk, IT Risk Management, Operational Risk, Risk Management, Security Technology Doesn't Change the World, People Do.®

Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (~~~) and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit ~~~ for more information.

© 2023 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use (https:///~~~/us/en/terms) .