NOTE: DO NOT APPLY FOR THIS JOB UNLESS YOU ARE A PROFESSIONAL PENETRATION TESTER AND YOUR RESUME REFLECTS AT LEAST 5 YEARS EXPERIENCE IN A POSITION WHERE THIS WAS YOUR JOB. This is not a job for ISSOs, A&A folks, IT managers etc.
Shorebreak Security is seeking highly motivated IT Security professionals with demonstrated experience and expertise in Network and Web Application penetration testing, to conduct engagements for our commercial and Federal Government customers.
We test Federal government customer's national mission critical networks and systems. These systems must be available and must NOT be impacted by our testing – people could die! Please read the last sentence again, and understand why we are serious about hiring folks that know what they are doing.
When not on travel, you will work remotely.
Note: Working from our office in Cocoa Beach, FL is also a possibility
On-site assessments are frequently performed in locations throughout the United States so you must be able to travel 2 weeks a month. Some months there will be no travel, others there could be three weeks, but we try our best to be considerate when scheduling our engagements to limit back to back travel weeks.
For an idea of we we expect, please read this -> http://www.shorebreaksecurity.com/resources/core-competencies-of-a-professional-penetration-tester
– Health insurance (100% of employees premium paid. 50% of dependents premium paid by company), Dental and Vision
– Life insurance, short-term and long-term disability insurance 100% paid by company
– Up to 4 weeks paid vacation per year. Sick days, and 7 Federal holidays
– 401k with up to 7% employer contribution
Conduct security assessments of customer networks; validate and exploit security vulnerabilities, leverage those vulnerabilities and determine the overall impact to the organization of those vulnerabilities.
Clearly communicate vulnerability details and risk to customers, both verbally and in writing.
Be able to independently apply testing methods against a wide variety of targets including: Web Applications, databases, wireless networks, conducting social engineering attacks against customer user base, SCADA/ICS, routing infrastructure, VPN, Cloud, and more.
– 8+ years experience in Information Security field
– 5 years experience conducting penetration testing
– experience leading and managing pen testing engagements
– excellent social skills
– strong written and verbal communications skills
– the ability to pass a background check
– the ability to pass a verbal technical interview
– the ability to pass a practical (hands-on) test
– expertise in at least one Operating System
– passion for technology and Information Security
– the ability to conduct a pen test without the use of a vulnerability scanner and exploit framework
– Deep knowledge of IP networking, Operating Systems, Information Security, security testing tools
– Highly motivated individual with the ability to work independently and to think outside the box — "hacker" mentality.
– Expertise with common security tools; nmap, Nessus, Metasploit, Burp, Zap, CAIN, Linux Kali, etc.
– Degrees and certifications are a bonus but not required provided you can demonstrate a high degree of technical skills
– Humility – there is no room for the "rock star" hacker here. We share info and work as a team.
Please do NOT apply unless you have the "must haves".
We are a small but fast growing team – this position has a lot of upward mobility.
Check out www.shorebreaksecurity.com for more info.