I'm looking for a penetration tester to work on my team in Atlanta. I would prefer someone who might be interested in making the move to Atlanta, but would be willing to look at remote resources too.
Just putting this out there since I've seen other people do it. We need strong Linux/admin backgrounds and people who get networking and web applications. We're willing to talk to folks who may be experienced specialists in other realms but are looking to make the transition into pentesting. The description is below. Contact me directly with any questions/interests. Cheers! Jarred ControlScan is a fast growing, Atlanta-based security company focused on information security and compliance for small- to medium-sized businesses. Recognized as one of the TAG Top 10 Innovative Technology Companies in Georgia, ControlScan offers career growth opportunities, medical, dental, vision and 401K and believes in a strong work-life balance. We are currently seeking an experienced *Penetration* *Tester* to join our expanding Security Engineering Services team. The *Penetration* *Tester*will perform network and application-based vulnerability assessments and *penetration* tests for ControlScan clients. The ideal candidate has extensive experience in a consultative role using industry standard attack tools and methodologies to perform *penetration* tests that are used to improve an entity’s security posture. Engagements typically encompass some combination of network and application pen testing, as well as social engineering tests. *Responsibilities* - Work closely with sales to accurately scope client engagements - Perform network and application *penetration* testing; independently manage workload and drive projects to completion with minimal supervision - Manage client expectations and meet deadlines related to project deliverables and logistics - Prepare reports on findings and review with client contacts; relate findings to real-world risks and provide specific, actionable recommendations for resolution - Perform research of emerging threats and incorporate findings into testing practices - Design and develop tools and resources to augment and improve the testing process; configure existing tools and resources to perform more effectively - Introduce process efficiencies into existing testing methodologies and recommend improvements to engagement workflow - Participate in the training, development, and management of more junior team members; leverage expertise to aid other areas of ControlScan's business *Requirements* - 3+ years’ security consulting experience in the areas of *penetration*testing, vulnerability assessment, risk assessment, and/or IT auditing - Hands-on experience with tools such as Nessus, neXpose, Metasploit, Burpsuite, Acunetix, w3af, and BackTrack/Kali suite of tools - “LAMP stack” and web tier competency; knowledge of web application technologies and platforms such as Apache, PHP, .Net, etc. - Understanding of TCP/IP networking and fundamentals - System administration experience - Linux/Unix, Apache, and scripting experience required - Experience performing PCI DSS related assessments and audit as well as other information security assessments (ISO 2700X, IT Risk Assessments, HIPAA Assessments, etc.) is preferred - Travel (approximately 25%) is required from time to time -- "The world's my oyster, a hotel room's my prison cell..."
_______________________________________________ General mailing list [email protected] http://brlug.net/mailman/listinfo/general_brlug.net
