Security Engineer

Position: Security Engineer (Penetration Tester)
Location: NYC NY

Job Description
Independently perform penetration tests on computer systems, networks, applications, and appliances. Search for different weakness and areas of concern in configurations and throughout known vulnerabilities/weaknesses within a network. Pinpoint different methods and entry points that attackers may use to exploit these vulnerabilities or weaknesses. Research, analyze, document, and discuss vulnerabilities/weaknesses found with senior leadership and cyber security teams. Conduct different types of red and purple teaming exercises across the network to include wireless networks and other peripheral devices. Perform Open-Source Intelligence (OSINT) gathering.

1.This role will work primarily in performing offensive security assessments (application, network, mobile, Wi-Fi penetration testing, red teaming, specialty security assessments) and support ongoing offensive operations and infrastructure.

2.Perform application penetration tests. Application pen tests often include thick client, API, mobile SDK, and web applications from open, and closed box perspectives.

3.Perform network penetration tests. External, internal, and Wi-Fi network penetration testing. Capable of penetrating multiple platforms in enterprise environments.

Skills
-Minimum of 3 years specialized experience in penetration testing or experience responding to Advanced Persistent Threat (APT) type incidents for large enterprises as a member of an incident response team.
-Demonstrated experience creating novel, reusable, exploits for disclosed and undisclosed vulnerabilities.
-Well-rounded background in application, network, and system security.
-Able to conduct and speak to OSINT, social engineering, and physical pen-testing.
-Understanding of OWASP Top 10/NIST Standards.
-Familiarity with proxy tools (Burp Suite/ZAP).
-One or more of the following certifications:
oExploit Researcher and Advanced Penetration Tester (GXPN),
oGIAC Penetration Tester (GPEN),
oLicensed Penetration Tester (LPT),
oOffensive Security Certified Expert (OSCE),
oOffensive Security Certified Professional (OSCP),
oOffensive Security Exploitation Expert (OSEE) or another comparable certification.
-Proficient experience using a scripting language such as PowerShell, Python, Ruby, or Perl for penetration testing or incident response.
Demonstrated experience utilizing at least one or more of the following frameworks:
-Metasploit, Core Impact, Immunity Canvas, Cobalt Strike, Scythe or any similar Pen Testing tool..
Employment Type: Contractor
Salary: $ 70.00 Per Hour