CyberOne is hiring! We hire smart, talented and high-performing professionals to push our organization forward and provide superior service to our customers. We each take accountability for our work, strive to make each other better, and genuinely love what we do. If you value learning new things, being innovative, and working in a supportive, collaborative environment, CyberOne may be the place for you.
If you are ready to raise the bar for your career and be part of our exciting journey, we would like to hear from you!
Senior Penetration Testers are experienced with 5+ years of experience in testing various technologies. In this role, the candidate will be responsible for organizing and leading various offensive security services offered by CyberOne. They will be responsible for continually providing research or development projects back to the security community at large to aid in the overall brand of CyberOne. They must also have the ability to train and mentor others in both formal and informal environments.
Essential Functions
- Senior Penetration Testers tasks can be divided into Project Management and Delivery, Training and Product Development, Cyber Security Research, Mentoring, and Offensive Security Development.
Cyber Security Research
- Research and study security vulnerabilities from a multitude of products.
- Research and develop practical tools to protect native systems, including both host and network side defense.
- Collaborate with the security community in improving both offensive and defensive security methods and tools.
- Research and stay knowledgeable on paper/blog write-ups to share information with the community.
- Publish white papers.
Mentoring
- Mentor junior team members on technical/function aspects of offensive security operations.
- Technical mentoring includes penetration testing methodologies, vulnerability discovery, and scripting languages.
- Understand project lifecycle and transferring knowledge to junior resources
Offensive Security Development
- Develop tools to aid the community in conducting offensive security services.
- Use creative approaches to identify vulnerabilities that are commonly missed in security assessments.
- Exploit vulnerabilities and identify specific, meaningful risks to clients based on industry and business focus.
- Performing complex wireless attacks against wireless clients and access points.
- Utilize social engineering techniques to obtain sensitive information, network access and physical access to client sites.
- Ability to identify, describe and report vulnerabilities and standard remediation activities, to include clear demonstration of risk to clients through post-exploitation activities required.
- Demonstrate familiarity with various network architectures, network services, system types, network devices, development platforms and software suites required (e.g. Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.).
Education/Experience
- Bachelors or Masters degree in computer science or related engineering field.
- 5+ Years performing penetration testing.
- 1+ Year mentoring technical mentees or providing training around offensive security services.
- Fluent knowledge of a scripting language (e.g. Python).
- Experience performing Security Assessment work (vulnerability, penetration tests, web application, wireless security and social engineering).
- Experience with commercial and open-source security tools required (e.g. Nessus, Nexpose, SAINT, Qualys, Burp, NMap, Kali, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng, etc.).
- Strong technical knowledge of web applications and networking.
Certificate And License Requirements
Skills And Abilities
- Previously provided training or presentations at security conferences (DefCon or BlackHat).
- Vulnerability Research experience in addition to reporting and publishing information around discovered vulnerabilities.
- Reverse engineering/Binary analysis experience (firmware, x86 applications, etc.).
- Recognition in the security community for speaking.
Work Environment
- Work is performed indoors in a climate-controlled environment.
- Travel may be required up to 25%.
- May be required to work evenings, weekends to meet company and customer needs.
- Ability to remain in a stationary position 50% of the time.
- Must be able to move about inside a professional office environment.
- An environment that empowers employees to contribute to an organization that embraces a fail-fast mentality.
- Open, supportive, and collaborative work environment.
If you are passionate, driven and ready to take your career to the next level, we invite you to apply today!
Recruitment Agencies Please Note
"In accordance with our recruitment policy, CyberOne strictly prohibits any form of solicitation of our employees by external agencies or third parties. Any candidate information that may be received from such agencies or third parties shall be deemed as a voluntary gift and shall become the exclusive property of CyberOne. Exceptions to this policy apply only when an Agency/Third Party is an Authorized Vendor of CyberOne, holding a valid and current contract that has been duly signed by the HR Manager or CFO of CyberOne. Under no circumstances will any payment be made to any Agency/Third Party unless they are an Authorized Vendor or possess written approval from the CyberOne HR Manager or CFO, granting them explicit permission to engage in recruitment efforts on behalf of CyberOne."