black lantern security
Senior Penetration Tester
black lantern security, Charleston, South Carolina, United States, 29408
Location: Charleston, SC (home base) traveling required domestically and internationally
Required
5+ years technical Cybersecurity expertise.
5+ years experience in penetration testing, computer network attack (CNA), and/or computer network defense (CND).
5+ experience with basic scripting languages including bash and/or PowerShell.
Experience with at least one object-oriented programming language (Python, Ruby, Java, etc.).
Must be US citizen (must be willing to submit to federal, state, and local background checks and other requirements).
One or more professional certifications including OSCP, GPEN, GWAPT, etc.
Possess in-depth knowledge of Windows, Unix, TCP/IP, IDS/IPS, and web content filtering.
Demonstrated ability to:
Adhere to the highest standards of honesty and scientific and business integrity.
Think critically about complex problems and situations.
Consider emerging vulnerabilities and threats from within the context of organizational risk and business impact(s).
Develop novel attack vectors based on newly discovered vulnerabilities.
Develop home-grown software solutions and utilities for computer network attack (CNA) and computer network defense (CND).
Apply industry standards and best practices including the Penetration Testing Execution Standard (PTES) and the Mitre Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework.
Go beyond automated and “push-button” attack tools and utilities.
Possess a basic understanding of regulatory standards and requirements including the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and the Gramm-Leach-Bliley Act (GLBA).
Responsibilities:
Project-Based
Develop and deliver test strategies for attacking and assessing complex and distributed systems.
Scope and execute penetration tests based on customer goals and objectives.
Provide representative tactics, techniques, and procedures (TTPs) for opportunistic, advanced, and sophisticated attackers according to customer goals and objectives.
Provide technical leadership and guidance for junior penetration testers during all phases of an assessment.
Prepare clear and concise situation reports and activity summaries for BLS customers and senior leadership.
Execute verification and validation testing for customer mitigations and fixes.
Develop and deliver walkthrough(s), proof(s) of concept (PoCs), articles, and formal presentations.
Research and Development (R&D)
Attend and/or present at professional conferences and events.
Conduct independent research for:
The development of novel attack methods.
Discovering new and/or undisclosed vulnerabilities.
Contact
Apply Online
#J-18808-Ljbffr
Required
5+ years technical Cybersecurity expertise.
5+ years experience in penetration testing, computer network attack (CNA), and/or computer network defense (CND).
5+ experience with basic scripting languages including bash and/or PowerShell.
Experience with at least one object-oriented programming language (Python, Ruby, Java, etc.).
Must be US citizen (must be willing to submit to federal, state, and local background checks and other requirements).
One or more professional certifications including OSCP, GPEN, GWAPT, etc.
Possess in-depth knowledge of Windows, Unix, TCP/IP, IDS/IPS, and web content filtering.
Demonstrated ability to:
Adhere to the highest standards of honesty and scientific and business integrity.
Think critically about complex problems and situations.
Consider emerging vulnerabilities and threats from within the context of organizational risk and business impact(s).
Develop novel attack vectors based on newly discovered vulnerabilities.
Develop home-grown software solutions and utilities for computer network attack (CNA) and computer network defense (CND).
Apply industry standards and best practices including the Penetration Testing Execution Standard (PTES) and the Mitre Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework.
Go beyond automated and “push-button” attack tools and utilities.
Possess a basic understanding of regulatory standards and requirements including the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and the Gramm-Leach-Bliley Act (GLBA).
Responsibilities:
Project-Based
Develop and deliver test strategies for attacking and assessing complex and distributed systems.
Scope and execute penetration tests based on customer goals and objectives.
Provide representative tactics, techniques, and procedures (TTPs) for opportunistic, advanced, and sophisticated attackers according to customer goals and objectives.
Provide technical leadership and guidance for junior penetration testers during all phases of an assessment.
Prepare clear and concise situation reports and activity summaries for BLS customers and senior leadership.
Execute verification and validation testing for customer mitigations and fixes.
Develop and deliver walkthrough(s), proof(s) of concept (PoCs), articles, and formal presentations.
Research and Development (R&D)
Attend and/or present at professional conferences and events.
Conduct independent research for:
The development of novel attack methods.
Discovering new and/or undisclosed vulnerabilities.
Contact
Apply Online
#J-18808-Ljbffr