WHOA.com is seeking highly motivated IT Security professionals with demonstrated experience in Network and Web Application penetration testing to conduct engagements for our customers.
On-site assessments may require to be performed in locations throughout the United States so you must be able to travel for a specific engagement.
Contract – Remote or Onsite Work
Remote position is acceptable.
U.S. Citizenship required
We are looking for professional penetration testers – your resume should reflect years of professional experience in a penetration testing role. Or at the very least, an Information Security role where the majority of your time is spent conducting penetration testing. You should be able to rattle off a list of your favorite tools and techniques. You will be asked to demonstrate your skills via a practical interview.
Job Title — Senior or Principal Security Engineer – Penetration Tester
- U.S. Citizenship
- 8+ years experience in Information Security field
- 5 years experience conducting penetration testing
- Experience leading and managing pen testing engagements
- Excellent social skills
- Strong written and verbal communications skills
- Ability to pass a background check
- Ability to pass a verbal technical interview
- Ability to pass a practical (hands-on) test
- Ability to conduct a pen test without the use of a vulnerability scanner and exploit framework – please read this sentence again.
- Conduct security assessments of customer networks; validate and exploit security related findings.
- Clearly communicate vulnerability details and risk to customers, both verbally and in writing.
- Be able to independently apply testing methods against a wide variety of targets including: Web Applications, databases, wireless networks, conducting social engineering attacks against customer user base, SCADA/ICS, routing infrastructure, VPN, Cloud, and more.
- Strong technical skills and understanding of networking and operating systems.
- Highly motivated individual with the ability to work independently and to think outside the box — “hacker” mentality.
- Proficiency with common security tools; nmap, Nessus, Metasploit, Burp, Zap, CAIN, Linux Kali, etc.
- Degrees and certifications are a bonus but not required provided you can demonstrate a high degree of technical skills
- Pass background check
- Required language: English