Job

Attack and Penetration Tester

Accretive Solutions is at the forefront of assisting our post-start-up clients in securing their environment for rapid growth.

We are looking for senior consultants who can perform live-site attack and penetration of cloud-based and on-premise, identity, security and infrastructure services. We are seeking an experienced Security Software Engineer with demonstrated penetration testing/red teaming experience in network, platform, application, firmware, and hardware security. The consultant will need to emulate real-world attacks, providing a critical component of an “Assume Breach” strategy and ensuring readiness against determined adversaries and targeted attacks against our client’s products and services.

We are looking for a passionate geek with good consulting skills who is interested in doing bleeding edge security research and penetration testing of cloud and enterprise services. You will play a critical role in advancing security by working with Security Software Engineers, Developers and Program Managers to instill an Assume Breach strategy as well as driving and innovating on security solutions.

Responsibilities: 

Operator/Penetration Tester - Parlaying your passion for hacking, security research and vulnerability discovery into practical exploitation and adversary activities across the kill chain. You will identify vulnerabilities through simulated external and internal attacks, which exercise and validate our client’s ability to prevent, detect, respond and recover. You should be experienced in:

• Open Source Intelligence Gathering
• External Network Vulnerability Assessments and Penetration Testing
• Internal Network Vulnerability Assessments and Penetration Testing
• Wireless LAN Vulnerability Assessments
• Social Engineering Vulnerability Assessments

Communication & Presentation - A trusted advisor and security expert that partners and advises services teams on detecting vulnerabilities, attack surface reduction, threat mitigation and security best practices. Confident to present findings through proof-of-concept exploits, white papers, brown bags, filing bugs, presentations and formal reports. Work closely with development teams to define and adopt mitigations, develop new solutions for secure development and operations of Microsoft cloud services.
To thrive in this position, you'll need to have technical understanding of a broad technology set and the ability to pick up others at a rapid pace, strong technical and communication skills, ability to deal with ambiguity, autonomy and a very high level of creativity and inquisitiveness. You should have a BS in Computer science or equivalent security experience. Previous experience in security consulting, penetration testing, “red teaming”, firmware and hardware hacking are important.

Requirements: 

Basic Qualifications:

• 7+ years’ experience in security and software engineering are a must.
• BS in Computer Science, or equivalent Security and Development experience
• Demonstrated strong Development skills, with experience in C#, C++, ASP.NET (or other web frameworks and languages), and PowerShell.
• Proven working knowledge of information security, penetration testing techniques and security code review
• Tested deep knowledge of services, security and a strong engineering and development skillset
• A passion and drive for turning threat intelligence into threat emulation is a must.
• A Demonstrated deep and broad understanding of security vulnerabilities and attacks (Hardware, Firmware, Software, Network, and People) and ability to apply them or find new ones based on new technology being developed.

Preferred:

• Cloud services experience working in IaaS, PaaS or SaaS environments desirable as well as experience with common web application security issues, Active Directory, exploitation frameworks (such as Metasploit, etc.), JavaScript, HTML, SQL, and networking are recommended. Hardware, firmware and embedded systems experience also a plus.
• Previous consulting experience is desired.

Corporate Statement: 

On December 4th, 2017, Accretive Solutions was acquired by RGP. This job is an RGP position.

RGP is a professional services firm dedicated to providing people and perspectives to solve business challenges. As a provider of high-value, on-demand solutions aimed at our client’s most critical initiatives, we live and work within our clients' countries, cultures and languages, helping local business leaders and their global operating teams attain strategic objectives.

With experience across many disciplines including, finance and accounting, information management, human capital, supply chain management, legal and internal audit, we help companies address complex situations on the inside of business. Working alongside the client team, we solve problems, execute, and transfer knowledge. In other words, we help get the internal work done, while building the team's capability to change and operate in brand new ways.

RGP was founded in 1996 within a Big 4 firm and today we are a publicly-traded company (NASDAQ: RECN). Our 3,000+ professionals, from more than 70 practice offices, serve over 2,100 clients in 66 countries. RGP has been recognized on multiple occasions by Forbes as one of the 100 Most Trustworthy Companies.

Job Date: 

Mon, 01/15/2018 (All day)

Job Types: 

Locations: