Job

Attack and Penetration Tester

Accretive Solutions is at the forefront of assisting our post-start-up clients in securing their environment for rapid growth.

We are looking for senior consultants who can perform live-site attack and penetration of cloud-based and on-premise, identity, security and infrastructure services. We are seeking an experienced Security Software Engineer with demonstrated penetration testing/red teaming experience in network, platform, application, firmware, and hardware security. The consultant will need to emulate real-world attacks, providing a critical component of an “Assume Breach” strategy and ensuring readiness against determined adversaries and targeted attacks against our client’s products and services.

We are looking for a passionate geek with good consulting skills who is interested in doing bleeding edge security research and penetration testing of cloud and enterprise services. You will play a critical role in advancing security by working with Security Software Engineers, Developers and Program Managers to instill an Assume Breach strategy as well as driving and innovating on security solutions.

Responsibilities: 

Operator/Penetration Tester - Parlaying your passion for hacking, security research and vulnerability discovery into practical exploitation and adversary activities across the kill chain. You will identify vulnerabilities through simulated external and internal attacks, which exercise and validate our client’s ability to prevent, detect, respond and recover. You should be experienced in:

• Open Source Intelligence Gathering
• External Network Vulnerability Assessments and Penetration Testing
• Internal Network Vulnerability Assessments and Penetration Testing
• Wireless LAN Vulnerability Assessments
• Social Engineering Vulnerability Assessments

Communication & Presentation - A trusted advisor and security expert that partners and advises services teams on detecting vulnerabilities, attack surface reduction, threat mitigation and security best practices. Confident to present findings through proof-of-concept exploits, white papers, brown bags, filing bugs, presentations and formal reports. Work closely with development teams to define and adopt mitigations, develop new solutions for secure development and operations of Microsoft cloud services.
To thrive in this position, you'll need to have technical understanding of a broad technology set and the ability to pick up others at a rapid pace, strong technical and communication skills, ability to deal with ambiguity, autonomy and a very high level of creativity and inquisitiveness. You should have a BS in Computer science or equivalent security experience. Previous experience in security consulting, penetration testing, “red teaming”, firmware and hardware hacking are important.

Requirements: 

Basic Qualifications:

• 7+ years’ experience in security and software engineering are a must.
• BS in Computer Science, or equivalent Security and Development experience
• Demonstrated strong Development skills, with experience in C#, C++, ASP.NET (or other web frameworks and languages), and PowerShell.
• Proven working knowledge of information security, penetration testing techniques and security code review
• Tested deep knowledge of services, security and a strong engineering and development skillset
• A passion and drive for turning threat intelligence into threat emulation is a must.
• A Demonstrated deep and broad understanding of security vulnerabilities and attacks (Hardware, Firmware, Software, Network, and People) and ability to apply them or find new ones based on new technology being developed.

Preferred:

• Cloud services experience working in IaaS, PaaS or SaaS environments desirable as well as experience with common web application security issues, Active Directory, exploitation frameworks (such as Metasploit, etc.), JavaScript, HTML, SQL, and networking are recommended. Hardware, firmware and embedded systems experience also a plus.
• Previous consulting experience is desired.

Job Date: 

Fri, 11/10/2017 (All day)

Job Types: 

Locations: