Hamdan Resources
Penetration Testing Lead
Hamdan Resources, Tampa, Florida, us, 33646
Job DescriptionOur client is seeking a
Penetration Testing Lead
to join their Special Purpose Team (SPT). The successful candidate will perform penetration testing and vulnerability scanning as directed by management, and lead efforts in logging and tracking discovered vulnerabilities, triaging remediation tasks, and assigning them to system owners.
This is primarily a remote position; however, candidates must be local to an office location in one of the following areas:
Herndon, VAColorado Springs, COTampa, FLOgden, UTOmaha, NE
Responsibilities
Perform both internal and external penetration testing of network infrastructure and applicationsPerform Red Team assessments including physical, social engineering, and network exploitationPerform well-controlled vulnerability exploitation/penetration testing on applications, network protocols, and databasesDemonstrate advanced understanding of business processes, internal control risk management, IT controls, and related standardsEffectively communicate findings and strategy to stakeholders, including technical staff and executive leadershipIdentify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvementParticipate in regular Purple Team exercises and perform adversary simulations to test defense controlsAssist with scoping prospective engagements, leading engagements from kickoff through remediationWork closely with the Blue Team to test the efficacy of existing alerts and help create new detectionsCreate findings reports and effectively communicate findings to stakeholdersContribute to enhancing the team's toolkitWrite custom scripts to automate tasks related to finding new vulnerabilitiesMaintain the playbook to continually improve company penetration testing methodologies and threat modelingTravel to test IoT physical and mobile devices at least 25%
Clearance
U.S. citizen eligible for a Secret
Required Qualifications
Bachelor's degree in Engineering, Computer Science, IT, or equivalent work experience10+ years of experience in Penetration Testing, Red Team, and Purple TeamAdvanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.)Demonstrable understanding of voice and data networks, major operating systems, active directory, and cloud technologiesDemonstrated knowledge of MITRE s ATT&CK framework and ability to execute and chain TTPsAbility to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear and precise terms.Ability to optimally code in a scripting language (Python, Bash, PowerShell, Rust, C, C++, Golang, etc.)
Desired Qualifications
CRTO, OSCP, or other relevant certifications
Hamdan Resources, LLC is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer (EEO/AA), making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship and/or authorization to work within the U.S.is required for most positions.
Penetration Testing Lead
to join their Special Purpose Team (SPT). The successful candidate will perform penetration testing and vulnerability scanning as directed by management, and lead efforts in logging and tracking discovered vulnerabilities, triaging remediation tasks, and assigning them to system owners.
This is primarily a remote position; however, candidates must be local to an office location in one of the following areas:
Herndon, VAColorado Springs, COTampa, FLOgden, UTOmaha, NE
Responsibilities
Perform both internal and external penetration testing of network infrastructure and applicationsPerform Red Team assessments including physical, social engineering, and network exploitationPerform well-controlled vulnerability exploitation/penetration testing on applications, network protocols, and databasesDemonstrate advanced understanding of business processes, internal control risk management, IT controls, and related standardsEffectively communicate findings and strategy to stakeholders, including technical staff and executive leadershipIdentify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvementParticipate in regular Purple Team exercises and perform adversary simulations to test defense controlsAssist with scoping prospective engagements, leading engagements from kickoff through remediationWork closely with the Blue Team to test the efficacy of existing alerts and help create new detectionsCreate findings reports and effectively communicate findings to stakeholdersContribute to enhancing the team's toolkitWrite custom scripts to automate tasks related to finding new vulnerabilitiesMaintain the playbook to continually improve company penetration testing methodologies and threat modelingTravel to test IoT physical and mobile devices at least 25%
Clearance
U.S. citizen eligible for a Secret
Required Qualifications
Bachelor's degree in Engineering, Computer Science, IT, or equivalent work experience10+ years of experience in Penetration Testing, Red Team, and Purple TeamAdvanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.)Demonstrable understanding of voice and data networks, major operating systems, active directory, and cloud technologiesDemonstrated knowledge of MITRE s ATT&CK framework and ability to execute and chain TTPsAbility to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear and precise terms.Ability to optimally code in a scripting language (Python, Bash, PowerShell, Rust, C, C++, Golang, etc.)
Desired Qualifications
CRTO, OSCP, or other relevant certifications
Hamdan Resources, LLC is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer (EEO/AA), making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship and/or authorization to work within the U.S.is required for most positions.