Penetration Tester

Posted 8 Days Ago
Hiring Remotely in United States
Remote
3-5 Years Experience
Security • Cybersecurity
The Role
As a Penetration Tester at A-LIGN, you will conduct security assessments to improve the security of clients' systems. Responsibilities include performing penetration tests, vulnerability assessments, utilizing scripting languages, and collaborating with clients to deliver high-quality reports. You will also stay updated on security trends and methods to enhance your skill set.
Summary Generated by Built In

<p></p>
<p><strong><u>ABOUT THE ROLE</u></strong></p>
<p>As a Penetration Tester with A-LIGN, you will be part of a dedicated pen testing team whose sole purpose is to test and improve the security of our clients’ systems and data across a wide range of industries. This is not an entry level position, but a position open for an experienced, seasoned or specialized hacker. If you have an appetite for penetration testing and want to build your knowledgebase and skillset; this position is for you.</p>
<p><strong><u>ABOUT YOU:</u></strong></p>
<ul>
<li>Passionate about information security and identifying exploitable vulnerabilities before threat actors can take advantage of them</li>
<li>Ready to find more efficient ways to accomplish your work</li>
<li>Continuous desire to grow, develop and advance skills</li>
<li>Can work independently, or collaboratively with the team</li>
<li>Desire to provide highest quality test and deliverables to clients without cutting corners</li>
<li>Proficiency with scripting languages (Python, Bash, JavaScript, PowerShell)</li>
<li>Self-driven in a remote working environment, motivation to continuously provide high quality work and deliverables</li>
<li>You enjoy hacking (ethical), follow threat feeds, latest threat trends, know a thing or two about exploits (or have written some yourself)</li>
<li>You enjoy working in a group, and believe in open collaboration as a team.</li>
<li>You enjoy sharing knowledge and lessons learned, you like to share the specialized knowledge or skills you may have with the team</li>
<li>You don’t make excuses for a difficult challenge, you make scripts instead.</li>
<li>You know the OWASP top 10 and SANS top 20, and have an opinion about one vs the other.</li>
</ul>
<p><strong><u>MINIMUM QUALIFICATIONS</u></strong></p>
<ul>
<li>Master’s or Bachelor’s degree in cybersecurity, management information systems, computer science, or relevant discipline.</li>
<li>Proficiency with scripting languages (Python, Bash, JavaScript, powershell)</li>
<li>Knowledge of incident response/forensics/red-teaming or DevOps a huge plus but not required.<strong>&nbsp;</strong></li>
<li>You have experience with penetration tests and vulnerability assessments; including internal, external, wireless, mobile, and web application testing.</li>
<li>You have an understanding of API’s, how they work, and how to test them.</li>
<li>You have used cloud CSP’s such as AWS, Azure, AliCloud, Google cloud, Rackspace, and any internal associated components/controls.</li>
<li>You can perform social engineering campaigns including phishing, vishing, and physical.</li>
<li>You can re-image your own system when necessary, and navigate Kali Linux to conduct penetration tests, with only command line access as necessary.</li>
<li>You can create, modify, and write documents from command line, and write Bash scripts to automate or facilitate tasks as necessary.</li>
<li>You can write professional reports with proper grammar, spelling, and punctuation, that need very little QA review.</li>
<li>You can communicate with clients, and understand if something needs to be escalated internally.</li>
<li>You are comfortable monitoring the metrics of a project, personal utilization, and constant improvement toward efficiency.</li>
<li>You are willing to expand your knowledge, obtain relevant certifications, and meet CPE requirements as necessary.</li>
<li>You are ready and willing to learn, and accept a new challenge.</li>
<li>You have an OSCP certification</li>
</ul>
<p><strong><u>Skills:</u></strong></p>
<ul>
<li>You have working knowledge of Kali Linux and standard security assessment tools (e.g., NMAP, metasploit, Scapy, Burp Suite, SSLStrip, Ettercap, Nessus, Nikto, AppScan) and&nbsp;&nbsp;can talk about any others you have used.</li>
<li>You have strong written and verbal communication skills.</li>
<li>You can run scans and perform tests with minimal impact to client networks.</li>
<li>You have an understanding of both iOS and Android application testing, and how to jailbreak/root devices, use emulators.</li>
<li>You know about SOAP/REST/JSON web APIs and how to test them.</li>
<li>You have experience using interpreted languages (Ruby, Python, PHP, etc.)&nbsp;</li>
<li>You can explain findings in a non-technical form.</li>
</ul>
<p><strong><u>The ideal candidate may also have:</u></strong></p>
<ul>
<li>Programming experience in one or more of the following languages: Ruby, Python, Perl, C, C++, Java, and C#</li>
<li>Knowledge of network protocol design, or zero day exploitation</li>
<li>Know about static code analysis and have used SCA tools</li>
<li>You have soldered to a device to exploit it, or extract information from an embedded device.</li>
<li>You are an innovator, you feel something is missing, and want to create it.</li>
<li>Want to work in IoT, embedded testing, or research niche threat and exploitation for the future.</li>
</ul>
<p><strong>REPORTS TO: </strong>Managing Consultant</p>
<p><strong>PAY CLASSIFICATION:</strong> Full-Time, Exempt</p>
<p><strong><u>RESPONSIBILITIES </u></strong></p>
<ul>
<li>Execute internal, external, wireless, mobile, API and web application pen tests.</li>
<li>Execute social engineering tests, including phishing, vishing, and physical.</li>
<li>Execute vulnerability scans and assessments.</li>
<li>Compile and write client reports</li>
</ul>
<p></p>
<p><strong>BENEFITS</strong></p>
<ul>
<li>Employer Paid Health, Vision, Dental</li>
<li>401 (K) Plan with Employer Matching</li>
<li>Competitive Bonus Structure</li>
<li>Employer Paid Life Insurance and Disability Insurance</li>
<li>Generous Paid Time Off Plan</li>
<li>Technology Allowance</li>
<li>Vacation Bonus</li>
<li>Paid Office Closure December 24-January 1</li>
<li>Paid Holidays Schedule</li>
<li>Certification Reimbursement</li>
</ul>
<p><strong><span data-contrast="auto">About A-LIGN</span></strong><span data-ccp-props="{&quot;335559991&quot;:270,&quot;469777462&quot;:[6562],&quot;469777927&quot;:[0],&quot;469777928&quot;:[1]}">&nbsp;</span></p>
<p><span data-ccp-props="{&quot;335559685&quot;:-270,&quot;335559738&quot;:80,&quot;335559739&quot;:360}">&nbsp;A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com&nbsp;</span></p>
<p><strong><span data-contrast="auto">Come Work for A-LIGN!</span><span data-ccp-props="{&quot;335559991&quot;:270,&quot;469777462&quot;:[6562],&quot;469777927&quot;:[0],&quot;469777928&quot;:[1]}">&nbsp;</span></strong></p>
<p><span data-contrast="auto">Apply online today at A-LIGN.com and learn about life at A-LIGN by following our </span><a href="https://www.linkedin.com/showcase/careers-at-a-lign/"><span data-contrast="auto">Careers at A-LIGN LinkedIn!</span></a>&nbsp;<br><span data-contrast="auto">A-LIGN is an Equal Opportunity Employer! Minorities, women, disabled, and veterans encouraged to apply!</span><span data-ccp-props="{&quot;335559685&quot;:-270,&quot;335559738&quot;:80,&quot;335559739&quot;:480}">&nbsp;</span></p>
<p>&nbsp;</p>

Top Skills

Bash
JavaScript
Powershell
Python
The Company
HQ: Tampa, FL
573 Employees
On-site Workplace
Year Founded: 2009

What We Do

A-LIGN is a technology-enabled security and compliance partner that helps global organizations take a strategic approach to confidently mitigate cybersecurity risks. Our breadth and depth of expertise and A-SCEND, our proprietary compliance management platform, enable you to assess against the leading cybersecurity compliance frameworks important to your business – with one partner.

With A-LIGN as your guide, we bring you the people, process and platform you need to secure your summit, protect against future risks and build customer confidence so you can focus on elevating your business.

Jobs at Similar Companies

Silverfort Logo Silverfort

Marketing Analyst

Information Technology • Sales • Security • Cybersecurity • Automation
Remote
United States
357 Employees

Coro Logo Coro

Senior Business Development Representative

Artificial Intelligence • Cloud • Information Technology • Security • Software • Cybersecurity • Data Privacy
Hybrid
Milan, ITA
330 Employees

MacPaw Logo MacPaw

Senior Product Designer (New Product)

Information Technology • Security • Software • Cybersecurity • App development • Data Privacy
Remote
Hybrid
Kyiv, Kiev, UKR
550 Employees

Similar Companies Hiring

Coro Thumbnail
Software • Security • Information Technology • Data Privacy • Cybersecurity • Cloud • Artificial Intelligence
Chicago, IL
330 Employees
MacPaw Thumbnail
Software • Security • Information Technology • Data Privacy • Cybersecurity • App development
Cambridge, MA
550 Employees
Silverfort Thumbnail
Security • Sales • Information Technology • Cybersecurity • Automation
GB
357 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account