- Conduct tactical security penetration test assessments in application security (web,mobile, and apis), internal/external networks, infrastructure, social engineering and a wide array of internally developed and commercial products.
- Think creatively and strategically to circumvent security controls, identify vulnerabilities and develop effective solutions. Stay informed on everemerging and fastchanging TTPs, zerodays and remediation strategies. Develop/modify custom tooling to solve new needs.
- Document and formally report testing initiatives, test findings, justified risk ratings, remediation recommendations and validation results in a clear and concise manner.
- Consult with technology teams and management to present security testing results, highlight the threat presented by the results, and consult on remediation guidance.
- Consult with defensive operations and threat intel teams on adversary TTPs to guide and improve offensive security measures.
- Utilize knowledge of blue team/ Security Operations Center (SOC), and security monitoring and response (SIEM, IDS/IPS etc), as well as EDR (e.g. for bypasses), overall monitoring, detection and indicators of compromise, to create effective red team activities to test these (e.g. developing / using malware, pivoting, escalating privileges, etc). Support purple team exercises designed to build strength across disparate teams.
- Develop and maintain tools and scripts used in penetrationtesting and red team processes.
- Train offensive and defensive colleagues on new TTPs and mentor junior teammates.
- Arrange and provide support to business units launching new technology applications and services to verify that new products/offerings are not at risk of compromise or information leakage.
- Understand breach and attack simulation (BAS) solutions and work with the team to validate controls effectiveness.
- When necessary, assist in purple team exercises as well as postmortem drills with a focus on measurable improvements and benchmarking to show progress (or deficiencies requiring additional attention).
- Liaise with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
-
Penetration Tester
6 days ago
Comrise Charlotte, United StatesHello, · I'm Mitesh Shah from Comrise, and I have an exciting opportunity available with one of our esteemed clients. If you're open to new opportunities and seeking a positive change, I'd love to hear from you. Please share your resume along with your rate expectations, and let' ...
-
Penetration Tester
2 weeks ago
Acruex Inc. Charlotte, United StatesNeed Local to Charlotte, NC · Key skills: ** Understanding of command lines; ** Penetration experience with web applications, mobile and API's; · Cyber Security Detection and Response Sr. Analyst. · ** Experience working with GitLab Ultimate CI/CD technology, shift-left tools, ...
-
Penetration Tester
2 weeks ago
Acruex Inc. Charlotte, United StatesNeed Local to Charlotte, NC · Like the look of this opportunity Make sure to apply fast, as a high volume of applications is expected Scroll down to read the complete job description. · Key skills: ** Understanding of command lines; ** Penetration experience with web applicati ...
-
Penetration Tester
1 week ago
Acruex Inc. Charlotte, United StatesNeed Local to Charlotte, NC · Key skills: ** Understanding of command lines; ** Penetration experience with web applications, mobile and APIs; · Cyber Security Detection and Response Sr. Analyst. · ** Experience working with GitLab Ultimate CI/CD technology, shift-left tool ...
-
Senior Penetration Tester
1 week ago
Rapid Strategy Charlotte, United StatesJob Title: Senior Penetration Tester · Location: Charlotte, NC · Job Description: · We are seeking a seasoned Senior Penetration Tester to join our team in Charlotte, NC. As a Senior Penetration Tester, you will lead the assessment of our clients' networks, systems, and cloud env ...
-
manual penetration tester
5 days ago
V2soft Charlotte, United StatesV2Soft ) is a global company, headquartered out of Bloomfield Hills, Michigan, with locations in Mexico, Italy, India, China and Germany. At V2Soft, our mission is to provide high performance technology solutions to solve real business problems. We become our customer's true part ...
-
Web Application Penetration Tester
6 days ago
Comrise Charlotte, United StatesPosition: Senior Web Application Penetration Tester · Location: Charlotte, NC · Duration 6 Months · ONLY US CITIZENS · We are seeking a highly skilled and experienced Senior Web Application Penetration Tester to join our dynamic team in Charlotte, NC office. As a Senior Penetrati ...
-
Senior Web Application Penetration Tester
4 days ago
Kaizen Lab Inc. Charlotte, United StatesJob Title: Senior Web Application Penetration Tester · Location: · Charlotte, NC · Job Description: · We are seeking a highly skilled and experienced Senior Web Application Penetration Tester to join our dynamic team in Charlotte, NC office. As a Senior Penetration Tester, you w ...
-
Pentester and Vulnerability Mgt Engineer
1 week ago
Belk Charlotte, United States OTHERSecurity Engineer – Penetration Testing & Vulnerability Management · We are looking for a penetration tester/vulnerability engineer to join our team to help protect the organization from cyber threats. As a penetration tester, you will be responsible for conducting ethical hackin ...
-
Pentester and Vulnerability Mgt Engineer
4 days ago
Belk, Inc. & Belk eCommerce LLC Charlotte, United StatesSecurity Engineer - Penetration Testing & Vulnerability Management · We are looking for a penetration tester/vulnerability engineer to join our team to help protect the organization from cyber threats. As a penetration tester, you will be responsible for conducting ethical hacki ...
-
Sr. Manual Tester
1 week ago
Experis Charlotte, United StatesTitle: Senior Manual Tester · Location: Fully Remote (USA ONLY) · Industry: Banking (experience required) · Pay: $35/hour · Type: Long term contract. W2 candidates ONLY. · Role: SIT / Manual Tester - CAB Project · Company: Experis, IT Solutions (Software Automation Practice ...
-
Sr. Manual Tester
5 days ago
Manpower Group Inc. Charlotte, United StatesTitle: Senior Manual Tester · Location: Fully Remote (USA ONLY) · Industry: Banking (experience required) · Pay: $35/hour · Type: Long term contract. W2 candidates ONLY. · Role: SIT / Manual Tester – CAB Project · Company: Experis, IT Solutions (Software Automation Practice) · Ex ...
Senior Penetration Tester - Fort Mill, United States - TEKsystems
Description
TEKsystems is hiring an experienced Penetration Tester as part of the build out of a financial clients in-house Red Team.
This position will be focused on development, execution and maturation of internal penetration testing activities to supplement our existing 3rd party program, with a strong focus on web/ mobile applications and APIs.
This role is highly technical, and candidates must understand applications, networking and various operating systems, along with tools and frameworks, and they must maintain a high level of rigor to stay up to date with advancements in technology while also retaining knowledge of older systems and applications that may still be in use in the enterprise.
While some automated tools will be leveraged, the penetration-tester must also utilize hands-on expertise with a variety of internally and externally developed tools to simulate attacker TTPs.
Responsibilities:
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity.
We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia.
As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change.
That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.