Software Guidance & Assistance, Inc. (SGA) is searching for a Vulnerability Assessment/Penetration Tester for a CONTRACT assignment with one of our premier Financial clients in Fort Lauderdale, FL.
Responsibilities:
- Provide Vulnerability Assessment/Penetration Testing services to Firm businesses globally through a comprehensive testing process
- Participate in special projects ranging from rush testing of critical components to architecture reviews with sister teams to "shift-left"
- Acting as an SME for Infrastructure Penetration Testing in cross-functional efforts/projects
- Participate in the enhancement of testing processes and methodologies
- Identify weaknesses and vulnerabilities within the system, exploit them and propose countermeasures
- Validation of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standards
- Scan systems and applications, leverage initial results to build a subsequent attack methodology and execute effectively
- Report Information Security vulnerabilities to businesses in an actionable manner
Required Skills:
- Bachelor's Degree or similar work experience
- 3-5 years of relevant experience in offensive security with a history of gradually expanding experience prior
- OSCP, OSCE, GXPN, CREST or similar demonstrable experience
- Scripting (Bash, Python, etc.)
- Reverse Engineering / Exploit Development
- Design experience/understanding (infrastructure/systems/enterprise)
- Exceptional interpersonal skills and a proven track record of working effectively with globally diverse teams
- The ability to understand new and emerging technologies rapidly to keep up with an ever-changing threat landscape
- The ability to effectively document and explain exploits/vulnerabilities to technical and non-technical audiences including to senior leadership
- Demonstrable proficiency in producing comprehensive penetration testing reports with actionable recommendations
- Deep understanding of TCP/IP, Infrastructure stacks (i.e. 3 tier, segmented environments)
- Demonstrable experience working effectively in Enterprise environments
- Demonstrate hands-on experience with Vulnerability Assessment/Enumeration tools, e.g., Tenable Nessus, Qualys VM, OSS enumeration tools
- Demonstrate hands-on experience with penetration testing tools i.e. Kali suite, open-source tooling, Living Off The Land (OS)
- Understanding of defensive security principles with an ability to demonstrate offensive opportunities
- OS and Network Security Experience, e.g. Unix, Linux, Windows, Cisco, etc
- Understanding of common protocols, e.g. DNS, SMTP, SNMP, LDAP, Routing Protocols
- Hands-on experience with MITRE ATT&CK Framework or similar
- Experience with TTPs, IOCs and advanced threat analysis
- Threat Mapping experience
Preferred Skills:
- CCNP, CISSP, TOGAF/SABSA, Microsoft/Linux Certifications
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at https://sgainc.com.
EEO Employer: Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status.