Job Id: 60389
This Role is Fully Remote.
Senior Penetration Tester
Our client is seeking a Senior Penetration Tester to assist their organization remotely in Hillsboro, Oregon. The Senior Penetration Tester is part of the client's Corporate Information Security team, Security Operations organization and participates in the attack surface management of global computing assets. The Senior Penetration Tester is responsible for security testing of the company technology, coordination with stakeholders regarding their findings and completion of day-to-day tasks associated with the penetration test program.
Senior Penetration Tester Responsibilities
Conduct penetration test scoping/kick-off meetings with technology business stakeholders, document scope and schedule testing window.
Lead web application, mobile, API and network penetration testing within the designated scope and rules of engagement.
Provide technical guidance for remediation of findings, collaborating with other CIS teams as necessary.
Provide mentoring and training to junior members of attack surface management team.
Perform required audit-related tasks from internal audit, SOX and PCI activities.
Interface & support other CIS organizations such as Incident Response, Governance, Risk and Threat Intelligence as necessary.
Maintain and compose operational process documentation regarding program execution.
Maintain and grow penetration testing tool suites and automation of tasks through the use of commercial and open-source products.
Perform Red Team activities in coordination with company's cyber defense center and incident response teams to validate Blue team monitoring & detection processes.
Senior Penetration Tester Qualifications
Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience.
7+ years of IT professional experience, with 3+ years Information Security experience, with previous penetration testing or application security background.
Strong understanding of a variety of technical concepts such as: Application development, networking, systems administration, and information security practices.
Strong web application development, security flaw and remediation technical understanding.
Demonstrated experience with a variety of open source and commercial testing tools in areas such as web interception proxies, packet capture, debugging and API interaction.
Experience with data analytics with the ability to provide qualitative analysis and recommendations.
Strong verbal and written communication skills to clearly convey both technical.
Experience and knowledge of performing security tasks within AWS or Azure cloud environments.
Ability to develop strong working relationships with a variety of other enabling teams.
Strong attention to detail, data accuracy, and data analysis.
Self-motivated and operates with a high sense of urgency and a high level of integrity.
Certifications such as GIAC Web Application Penetration Testing (GWAPT), Offensive Security Certified Professional (OSCP) or GIAC Penetration Testing (GPEN) are strongly preferred.
Previous experience working in large scale environments with diverse technologies.
Ability to automate technical tasks through use of APIs or scripting.
Compensation: $60/hr. (DOE)
Benefits are available to eligible VanderHouwen contractors and include coverage for medical, dental, vision, life insurance, short and long term disability, and matching 401k.
VanderHouwen is an award-winning, Women-Owned, WBENC certified professional staffing firm. Founded in 1987, VanderHouwen has been successfully placing experienced professionals throughout the Pacific Northwest and nationwide. Our recruitment teams are highly specialized in either Technology and IT, Engineering, or Accounting and Finance career markets. Our recruiters value building meaningful, professional relationships with each candidate as well as developing honed knowledge of companies' staffing needs and workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in E-Verify. VanderHouwen does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil rights laws.
- Senior Data Engineer
- Systems Administrator
- UX Designer
- Network Engineer/Administrator
- SAP BW Data Modeler
- Technical Product Manager
- DBA / Developer
- Principal Engineer – Infrastructure Accountability Platform
- Senior Full-Stack Engineer
- Data Center Network Engineer
Thank you for your interest in applying for this position! Please fill out the fields below. Your profile will be reviewed with the rest of the applicants.