Mindlance
Senior Infrastructure Penetration Tester/Researcher
Mindlance, Fort Lauderdale, Florida, us, 33336
Senior Infrastructure Penetration Tester/ResearcherDuration: 12 months plus
(possible extension or conversion)
Location: HYBRID W/ ONSITE REQUIREMENT - 3 days onsite
Fort Lauderdale, FL or remote
The Role:The
Senior Infrastructure Penetration Tester/Researcher
plays a vital role in Vulnerability Assessments (VA) team and is responsible for
providing VA services to all businesses and technology teams globally . The position will be
identifying weaknesses and vulnerabilities
within the infrastructure and is part of a larger, global team that collectively provide VA support to all of business groups. Commercial and open source Vulnerability Assessment tools and utilities are leveraged during these assessments.
Responsibilities
Provide Vulnerability Assessment/Penetration Testing services to businesses globally through a comprehensive testing processParticipate in special projects ranging from tooling and methodology development, advanced penetration testing as well as architecture reviews with sister teams to "shift-left"Serve as an SME for Infrastructure Penetration Testing in with emerging tooling sets(Containerization, AI, CI/CD etc)Participate in the enhancement of testing processes and methodologiesParticipate in building custom tooling aligned with strategic initiativesValidation of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standardsScan systems and applications, leverage initial results to build a subsequent attack methodology and execute effectivelyReport Information Security vulnerabilities to businesses in an actionable manner
Qualifications
3-5 years' of relevant experience required
in
Offensive Security
with a history of
gradually expanding experience including network and overall infrastructure pentestingStrong
scripting/coding and security tooling experience(Python, Go, Bash, C++/C, Rust) ( willing to discuss if knowledge here is deep and "pentesting" is light )Reverse Engineering / Exploit DevelopmentStrong
hands-on experience with Vulnerability Assessment/Enumeration tools, e.g., Tenable Nessus, Qualys VM, OSS enumeration toolsDemonstrate
hands on experience with penetration testing tools i.e. Kali suite, open-source tooling, Living Off The Land(OS), LOLBINS etcDeep understanding of TCP/IP, Infrastructure stacks(i.e. 3 tier, segmented environments)Demonstrable experience working effectively in Enterprise environmentsUnderstanding of
defensive security principles
with an ability to demonstrate offensive opportunitiesOS and Network Security Experience, e.g. Unix, Linux, Windows, Cisco, etc.Understanding of common protocols, e.g. DNS, SMTP, SNMP, LDAP, Routing ProtocolsThreat Mapping experience is a plusScripting (Bash, Python, etc.)Design experience/understanding on infrastructure/systems (enterprise a big plus)Exceptional interpersonal skills and a proven track record of working effectively with globally diverse teamsAbility to understand new and emerging technologies rapidly to keep up with an ever changing threat landscapeAbility to effectively document and explain exploits/vulnerabilities to technical and non-technical audiences including to senior leadershipDemonstrable proficiency in producing comprehensive penetration testing reports with actionable recommendations
Education
Bachelor's Degree or equivalent work experienceOSCP, OSCE, GXPN, CREST preferred or similar demonstrable experience
"Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans."
(possible extension or conversion)
Location: HYBRID W/ ONSITE REQUIREMENT - 3 days onsite
Fort Lauderdale, FL or remote
The Role:The
Senior Infrastructure Penetration Tester/Researcher
plays a vital role in Vulnerability Assessments (VA) team and is responsible for
providing VA services to all businesses and technology teams globally . The position will be
identifying weaknesses and vulnerabilities
within the infrastructure and is part of a larger, global team that collectively provide VA support to all of business groups. Commercial and open source Vulnerability Assessment tools and utilities are leveraged during these assessments.
Responsibilities
Provide Vulnerability Assessment/Penetration Testing services to businesses globally through a comprehensive testing processParticipate in special projects ranging from tooling and methodology development, advanced penetration testing as well as architecture reviews with sister teams to "shift-left"Serve as an SME for Infrastructure Penetration Testing in with emerging tooling sets(Containerization, AI, CI/CD etc)Participate in the enhancement of testing processes and methodologiesParticipate in building custom tooling aligned with strategic initiativesValidation of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standardsScan systems and applications, leverage initial results to build a subsequent attack methodology and execute effectivelyReport Information Security vulnerabilities to businesses in an actionable manner
Qualifications
3-5 years' of relevant experience required
in
Offensive Security
with a history of
gradually expanding experience including network and overall infrastructure pentestingStrong
scripting/coding and security tooling experience(Python, Go, Bash, C++/C, Rust) ( willing to discuss if knowledge here is deep and "pentesting" is light )Reverse Engineering / Exploit DevelopmentStrong
hands-on experience with Vulnerability Assessment/Enumeration tools, e.g., Tenable Nessus, Qualys VM, OSS enumeration toolsDemonstrate
hands on experience with penetration testing tools i.e. Kali suite, open-source tooling, Living Off The Land(OS), LOLBINS etcDeep understanding of TCP/IP, Infrastructure stacks(i.e. 3 tier, segmented environments)Demonstrable experience working effectively in Enterprise environmentsUnderstanding of
defensive security principles
with an ability to demonstrate offensive opportunitiesOS and Network Security Experience, e.g. Unix, Linux, Windows, Cisco, etc.Understanding of common protocols, e.g. DNS, SMTP, SNMP, LDAP, Routing ProtocolsThreat Mapping experience is a plusScripting (Bash, Python, etc.)Design experience/understanding on infrastructure/systems (enterprise a big plus)Exceptional interpersonal skills and a proven track record of working effectively with globally diverse teamsAbility to understand new and emerging technologies rapidly to keep up with an ever changing threat landscapeAbility to effectively document and explain exploits/vulnerabilities to technical and non-technical audiences including to senior leadershipDemonstrable proficiency in producing comprehensive penetration testing reports with actionable recommendations
Education
Bachelor's Degree or equivalent work experienceOSCP, OSCE, GXPN, CREST preferred or similar demonstrable experience
"Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans."