Selected candidates will become a member of ITPG’s Cybersecurity Center of Excellence (CoE), supporting projects for government and commercial clients in virtually every industry. Ideal candidate must be well-rounded and capable of working within a team of consultants or independently as a one-man team. He/she must possess solid knowledge and extensive experience in vulnerability assessment and penetration testing of networks (wireless included) and Web applications.
Candidate must possess the ability to support ITPG’s sales and business development team on client calls, project scoping activities, and produce technical contents for Statements of Work (SOWs) or proposals.
- Selected candidates will be expected to run a number of tests, generally based around network and/or Web application security posture assessment and penetration. They will be required to write up reports on findings and make recommendations on improving the security posture.
- While selected individuals will often be running predetermined types of tests, they will also be designing their own tests a large portion of the time, which requires creativity and imagination, along with a superb level of technical knowledge and know-how.
At minimum, we ask for:
- Deep knowledge of methodologies, and a minimum four years of experience conducting network vulnerability assessments and penetration testing, using industry standard vulnerability scanners and penetration testing tools (i.e. Nessus, QualysGuard, Metasploit Framework, etc.)
- Deep knowledge of methodologies and minimum 4 years of experience conducting Web application vulnerability assessments and penetration testing, using industry standard vulnerability scanners and penetration testing tools (i.e. Qualys WAS, NetSparker, Burp Suite, ZAP, etc.)
- Knowledge and at minimum one year of experience conducting wireless network security assessment (WLAN infrastructure devices, APs, controllers, switches) and penetration testing using industry-standard tools (i.e. Aircrack, Wireshark, etc).
- Certifications from the following desired (but not required): GPEN, GWAPT, CEH, Security+, etc.)
- Education: Bachelor’s Degree