Job Description
** _Senior Penetration Tester - Manual Hacker_**
Salary: $150k-$160k + 15% bonus
Location: Remote in any of the following states
IL, TX, FL, GA, MA, MD, NC, NJ, NY, DC, WI, MN
**Qualifications**
* Bachelor's degree is not required.
* 3+ Years' experience penetration testing.
* 5+ Years' experience in Information Assurance or Information Security environment.
* **Must be proficient in manual testing and manual hacking.**
* Certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired.
* Strong proficiency in network, application, emissions, and physical security.
* Strong proficiency in social engineering and intelligence gathering.
* Strong experience with custom scripting (python, PowerShell, bash, etc.) and process automation.
* Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).
* Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Netsparker, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.).
* Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
* Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio).
* Proficient in basic document management in a Microsoft SharePoint environment.
* Experience with dedicated document management tools (e.g., DMS, PolicyTech) a plus.
* Experience with using ServiceNow a plus.
** **
**Responsibilities**
* Execute Red Team simulations based on organizationally defined threat scenarios with strict adherence to the agreed-upon rules of engagement.
* Conduct various Red Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Social Engineering, Basic Emissions/Signals Testing, Physical Security Testing, etc.
* Execute Open-Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools.
* Understand vulnerabilities and develop relevant exploits/payloads for use during Red Team activities.
* Perform security risk assessment, threat analysis and threat modeling.
* Perform independent reviews of security, network, and applications.
* Plan/Design/Execute security related activities and create artifacts.
* Stay on-time, on-budget, and within scope of testing activities
