Offensive Security Consultant
Remote
Applications have closed
VerSprite
Don't let unknown cybersecurity threats lurk in your enterprise networks. VerSprite helps solve your most complex cybersecurity challenges.VerSprite
VerSprite is an Inc. 5000 2020 fastest growing company and industry leader in PASTA threat modeling. Founded in 2007, VerSprite is a private cybersecurity consulting firm helping organizations tighten their risk-gaps with evolved security solutions and advanced threat intel tools.
VerSprite has a 97% client retention rate providing organizations with services like penetration tests, evolved red teaming engagements, vCISO, vSOC and VerSprite’s advanced security tools Cloud Security Assessment Platform and Cyber Threat Intelligence Portal.
Are you an ethical hacker looking to turn your early experience into a long-term career? Do you strive to upgrade your technical skills, and take on challenging pentests? VerSprite is looking for a Penetration Tester who’s passionate about deep-dive pentesting and eager to expand their offensive security knowledge. If this sounds like you, we’d like to chat.
Responsibilities
- Perform Web (Apps/Services/APIs) and Network (Internal/External/Cloud) Pentests
- Elaborate and properly document proof-of-concepts for real-world exploitation scenarios of the discovered vulnerabilities with enough details so they can be easily reproduced
- Analyze vulnerabilities and deliver clear and coherent written reporting
- Provide clients the technical risk associated to all findings reported while recognizing their true business impact
- Support all reported vulnerabilities with their remediation guidance
- Collaborate with other team members (Test Lead, Team Lead and fellow consultants) on penetration tests and red teaming engagements
- Execute projects according to the alignments defined by the rules of engagements and complete them within defined deadlines as required.
- Continuously learning and staying up-to-date with the latest attack techniques, tools, methodologies
Requirements
- Solid fundamentals in Web (Apps/Services/APIs) and network pentesting (2+ years). Pentesting experience in mobile apps (iOS/Android) is desirable.
- Experience with Social Engineering through Phishing Campaigns, Source Code Analysis, Cloud environments and Auditing Smart Contracts definitely a great bonus.
-
Solid understanding of common webapp vulnerabilities, exploitation techniques, and remediation options
-
Solid foundation on network protocols (HTTP, SSH, SMTP, etc) and their typical security issues
- Solid knowledge of common security concepts (crypto, AAA, AD security, SSO, OS Security, etc.) and practical offensive techniques (SSH tunneling, pivoting, OSCP equivalent knowledge)
- Proficient in developing in at least two languages, ideally one Web and one Scripting: Python, Ruby, Swift, Golang, C/C++, .NET, PHP, JS, BASH, etc.
- Passion for learning new technologies and processes, and contributing to refining existing capabilities
- Experience developing custom scripts or tools to enhance penetration testing and improve automation of repetitive tasks
- Work well under pressure and in a fast pace environment
Benefits
We offer a competitive compensation package where you’ll be recognized for the value you bring to our business, along with:
- Opportunities to develop new skills and progress your career;
- The freedom and flexibility to handle your role in a way that’s right for you; and
- A collaborative environment where everyone works together to create a better working world
If this seems intriguing to you, please apply! We will reach out promptly to discuss your fit and additional job details.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android APIs Audits Automation Bash C Cloud Code analysis Crypto Golang iOS Offensive security OSCP Pentesting PHP Python Red team Ruby Scripting Security assessment SMTP SSH SSO Threat intelligence Vulnerabilities
Perks/benefits: Career development Competitive pay
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs