Job Description
Job Description Our client is seeking a
Penetration Testing Lead to join their Special Purpose Team (SPT). The successful candidate will perform penetration testing and vulnerability scanning as directed by management, and lead efforts in logging and tracking discovered vulnerabilities, triaging remediation tasks, and assigning them to system owners.
This is primarily a remote position; however, candidates must be local to an office location in one of the following areas: - Herndon, VA
- Colorado Springs, CO
- Tampa, FL
- Ogden, UT
- Omaha, NE
Responsibilities - Perform both internal and external penetration testing of network infrastructure and applications
- Perform Red Team assessments including physical, social engineering, and network exploitation
- Perform well-controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
- Demonstrate advanced understanding of business processes, internal control risk management, IT controls, and related standards
- Effectively communicate findings and strategy to stakeholders, including technical staff and executive leadership
- Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
- Participate in regular Purple Team exercises and perform adversary simulations to test defense controls
- Assist with scoping prospective engagements, leading engagements from kickoff through remediation
- Work closely with the Blue Team to test the efficacy of existing alerts and help create new detections
- Create findings reports and effectively communicate findings to stakeholders
- Contribute to enhancing the team's toolkit
- Write custom scripts to automate tasks related to finding new vulnerabilities
- Maintain the playbook to continually improve company penetration testing methodologies and threat modeling
- Travel to test IoT physical and mobile devices at least 25%
Clearance - U.S. citizen eligible for a Secret
Required Qualifications - Bachelor's degree in Engineering, Computer Science, IT, or equivalent work experience
- 10+ years of experience in Penetration Testing, Red Team, and Purple Team
- Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.)
- Demonstrable understanding of voice and data networks, major operating systems, active directory, and cloud technologies
- Demonstrated knowledge of MITRE s ATT&CK framework and ability to execute and chain TTPs
- Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear and precise terms.
- Ability to optimally code in a scripting language (Python, Bash, PowerShell, Rust, C, C++, Golang, etc.)
Desired Qualifications - CRTO, OSCP, or other relevant certifications
Hamdan Resources, LLC is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer (EEO/AA), making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship and/or authorization to work within the U.S.is required for most positions. Hamdan Resources
Job Tags
Work experience placement, Local area, Remote job,