Vacancy expired!
RESPONSIBILITIES:Kforce has a client in search of an Info. Sec. Assessment Specialist - Penetration Test.
Overview:The Information Security department is looking to bring on a penetration tester to perform web application, AWS infrastructure, and network penetration tests and drive remediation of identified vulnerabilities and defects. Responsibilities: Perform security assessments for enterprise assets leveraging manual and automated techniques to identify exploits and vulnerabilities Provide detailed written and verbal guidance for mitigation and remediation activities Keeps abreast with the latest trends in adversary attacks to verify exploitability on company assets Provide technical guidance, rules of engagement, tracking, and procedural oversight over third-party penetration testing services Support the implementation of automated tooling to perform assessments and strengthen technology value streams Support the attack surface management program reporting Work cross-functional across the enterprise to perform threat modeling and security assessments for new applications and featuresREQUIREMENTS: Bachelor's degree from an accredited university or equivalent work experience 5+ years of relevant work experience Approximately 3+ years of experience in Python and/or other scripting languages Experience pentesting APIs in both manual and automated fashion. Web App pentesting with a focus on APIs Experience pentesting AWS Serverless Technologies (e.g. Lambda, API Gateway, etc.) Experience developing/maintaining DAST Lifecycle Direct hands-on penetration testing experience with demonstrated experience in exploitation of web protocols, endpoint devices, AWS cloud Strong understanding of the tools and techniques required to perform security assessments Experience performing threat modeling and identifying risks not detectable by automated tools Strong understanding of AWS architecture, engineering, and security technologies Desired expert understanding of AWS IaaS/PaaS, Linux, Windows Server, Windows Desktop, VMware, and MacOS (in order or importance) secure configuration management and security controls Experience performing vulnerability assessments and remediation activities Strong written and verbal communication Ability to self-start and spearhead initiatives with minimal direction and oversight Certifications preferred are: OSCP/OSWE/GWAPTKforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.Vacancy expired!