Remote
Sikich

PENETRATION TESTER

Technology Brookfield, WI Remote, United States

Description

Essential Job Duties:

  • Penetration testing (ethical hacking) applications & network environments.
  • Author testing plans and penetration test reports.
  • Perform reconnaissance & network surveys to map targets.
  • Research tools & security exploits, blogging about new security finds.
  • Consult on high-level strategic initiatives, highly-technical & detailed regulatory compliance projects.
  • Gain proficiency in the following:
    • Web applications & services.
    • Firewall, IPsec & SSL VPNs, IDS/IPS, WLANs.
    • Database functions, interactions, and communications.
    • Commercial & open source security tools (e.g., Nessus, Nmap, Netcat, , Metasploit, Burp Suite, Bloodhound, Empire, Wireshark, hypervisors, run-live distros, etc.).
    • Scripting (Python, PowerShell, JavaScript, Bash) & application development.
  • Keep up-to-date with tools, countermeasures, threats, & technologies.
  • Share knowledge & mentor new team members & peers.
  • Develop & refine tools, templates, & methodologies.
  • Interpret vulnerabilities, identify weaknesses, exploit them, & escalate your access.
  • Assist with malware analysis & breach investigations.

Qualifications:

  • Previous consulting or penetration testing experience a plus, however, we welcome a passionate IT security hobbyist looking to change their career.
  • Experience managing networks & systems for both Windows & Unix platforms.
  • Know general information security principles.
  • Coding & scripting experience required (Python and Bash).
  • Experience exploiting security holes & fixing them (on your own systems and/or capture the flag and similar environments).
  • Experience with incident response or digital forensics a plus.
  • Ability to communicate with C-level, technical, & non-technical audiences.
  • Certifications in security & IT certifications (CISSP, GIAC, CISA), technical certifications (MCSE, CCNA, etc.), or related industry certifications (QSA, PA-QSA) preferred.
  • Payment card industry (PCI DSS, PA-DSS, P2PE, PFI), financial (GLBA, SOX, SOC/SSAE 18), or healthcare (HIPAA/HITECH) experience preferred.
  • Membership in a professional industry group (InfraGard, OWASP, etc.) preferred.
  • Fluency in Spanish desired.

Life at Sikich LLP

Sikich LLP is an Equal Opportunity Employer M/F/D/V