Are you frustrated by companies that pass off vulnerability scan results as a pentest report? Do you love finding and developing exploitable issues within new environments? Are you undeterred when a customer’s security controls disrupt your plan of attack? Do you enjoy educating others about the vulnerabilities and exploit chains that you discover? Do you want to make the world a more secure place? If so, come work with us!

At Soteria (https://soteria.io/), we have the opportunity to work with a broad range of clients to help them identify and solve their security challenges.We do not simply identify and report on publicly-known vulnerabilities that can be identified with automated scans. Rather, we work to find and understand the technical and non-technical issues and challenges that create security issues, and develop creative, tailored, and pragmatic solutions to achieve a more secure environment.

We are looking for passionate and driven individuals to join us. As a penetration tester In this role, you will make an immediate impact on a growing team advising customers who need your expertise. You will build relationships with clients in North America and Europe, helping them to balance trade offs to meet their business and security objectives.You will also keep them informed of emerging trends in security and serve as a sounding board and trusted advisor for security questions and concerns to help build other aspects of their security program. When you are not serving customers, you will be performing research in areas that will help Soteria and the larger security community to be more efficient and effective in combating insecure environments.

Core Responsibilities:

• Communicate with prospective and existing clients to understand their security needs.
• Develop an understanding of the business requirements and other motivating factors for clients, and tailor penetration testing engagements to meet those needs.
• Lead and perform technical security assessments and penetration tests on client environments and applications (physical, network, wireless, web application, and/or social engineering).
• Develop tailored recommendations to address issues uncovered during the assessment process. “Patch the software” is not always the right solution!
• Document and present findings and recommendations to clients in a professional manner.
• Maintain relationships with clients post-assessment in order to assist and advise as they continue to build and improve their security.
• Maintain competence in security trends, technologies, and practices through self-study and attendance of industry events.
• Conduct research and develop tools to automate tasks related to your areas of responsibility.
• Collaborate with and advise Soteria's Detection and Response Team (DART) to ensure they are capable of detecting the latest and greatest offensive techniques.
• Train and mentor other employees in order to build the company's overall capacity and capability.
• Author blog posts and create other content to educate Soteria’s customers as well as the broader security community on interesting topics.

Sampling of Desired Skills and Attributes:

• Deep technical knowledge and experience performing security assessments in one or more of the following areas:
  • Network environments
  • Web applications
  • Cloud platforms (AWS, Azure, GCP)
  • Mobile applications
  • Social engineering.
  • Red teaming.
• Experience developing tools to automate repetitive tasks
• Customer-focused mindset with a strong desire to provide delightful customer experiences
• Excellent written and verbal communication skills
• Ability to self-direct work, orient to action, and truly own the position in a quickly growing and changing environment
• Ability to translate strategic business objectives into tactical actions
• Understanding of current information security challenges and solutions
• Comfort with building and refining processes on a growing team

Preferred qualifications:

• 5+ years of industry experience with a deep understanding of the cybersecurity space
• Prior experience in a cybersecurity consulting role
• Relevant certifications such as OSCP, GPEN, etc.

Benefits

• Medical, Dental, Vision, Life and Disability insurance covered 100% for Employee and 50% for family members.
• Fully funded HSA at the single level
• Flexible work hours around core hours
• Paid time off of 24 days with an additional 10 paid holidays
• Professional development allowance
• 401K Optional for Employees

Candidates must be legally authorized to work full time within the United States and able to pass a background check.Some candidates may require more extensive background checks based on the project. Soteria is an Equal Opportunity Employer. Soteria does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law.All employment is decided on the basis of qualifications, merit, and business needs