SPECTRUM
IT Security
SPECTRUM, Cherry Hills Village, Colorado
This position is eligible for our Hybrid Work Policy. Eligible employees can work from home up to one day each week. JOB SCOPE Responsible for conducting penetration testing of information systems, networks, applications, and databases for vulnerabilities and risks within technology environments. Provides simulated cyberattacks and security assessments, under general direction, to probe existing security measures for potential weaknesses and check for exploitable vulnerabilities. Maintains deep knowledge of vulnerabilities and exploits to discern how they affect different systems and network protocols and their communication with each other. Works closely with engineering and technical operations staff to plan, discover, test, and report on penetration testing engagements and identified findings. DUTIES AND RESPONSIBILITIES Perform web application penetration testing, network penetration testing, mobile application penetration testing, and source code reviews. Basic understanding of a software development lifecycle, scripting languages, and public and private cloud environments. Lead penetration testing engagements to including scoping, testing, reporting, and debriefing findings to business stakeholders. Demonstrate expertise with applications, operating systems, firmware, etc with regards to vulnerabilities and appropriate remediation activities to eliminate risk to the business. Able to work with applications, platforms, and business owners to identify scope and outline requirements for testing engagements. Document and create reports outlining the findings identified as part of an engagement and communicate to business stakeholders. Proficiency in at least one programming language (e.g., Bash, Python, PHP, Ruby) to support development of testing scripts and tools. Review information security trends and leverage new source for emerging threats and vulnerabilities. Ensures compliance with security standards, policies, and procedures. Adheres to industry specific local, state, and federal regulations, as applicable. BASIC / MINIMUM QUALIFICATIONS Bachelor's degree in computer science or information Systems or related field or equivalent experience Minimum of Four (4) years of IT/network Operations/Support At least Four (4) year of Information Security Operations ADDITIONAL JOB QUALIFICATIONS Strong knowledge of Microsoft Office tools, especially Excel, Word, Visio, and Power Point with the ability to document, prepare and present data driven summaries. Contribute to the development of the penetration testing methodologies, testing capabilities and practices, and engagement deliverables within the security operations team. Experience with open-source security testing standards and projects, such as OWASP, OSSTMM, NIST 800-115, and/or PTES. Strong knowledge of network and application testing technologies and tools, such as Burp Suite, OWASP ZAP, Metasploit, Kali Linux Suite, Postman, and others. Working knowledge of TCP/IP and advanced host and network security administrative and technical controls. Demonstrated capabilities with the ability to work across functional boundaries, build consensus and drive results. Strong written and verbal communication skills and should have good presentation skills. Must be a problem solver, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change. PREFERRED QUALIFICATIONS Experience in a security operations support role performing penetration testing or similar. Experience with penetration testing tools such as: Burp Suite, Kali Linux Suite, OWASP Zap. Current security certifications, such as CompTIA Security, CISSP, CEH, and SANS GIAC. ESE340 2024-42240 2024 Here, employees don’t just have jobs, they build careers. That’s why we believe in offering a comprehensive pay and benefits package that rewards employees for their contributions to our success, supports all aspects of their well-being, and delivers real value at every stage of life. A qualified applicant’s criminal history, if any, will be considered in a manner consistent with applicable laws, including local ordinances. This job posting will remain open until 2024-12-09 02:47 PM (UTC) and will be extended if necessary. The base pay for this position generally is between $78,900.00 and $139,500.00. The actual compensation offered will carefully consider a wide range of factors, including your skills, qualifications, experience, and location. We comply with local wage minimums and also, certain positions are eligible for additional forms of other incentive-based compensation such as bonuses.