Remote OffSec Consultant

Summary

Join VerSprite as an OffSec Consultant and contribute to cutting-edge security solutions for clients across various sectors. As part of our Adversarial Security team, you will work with clients to simulate cyberattacks, identify vulnerabilities, and provide actionable insights.

Requirements

• Proven experience in penetration testing, ethical hacking, or offensive security consulting
• Familiarity with threat modeling frameworks, such as PASTA
• Strong understanding of network security, web application vulnerabilities, and cloud security best practices
• Ability to script and develop custom testing tools for security assessments
• CREST, OSCP, or similar security certifications are preferred
• Excellent communication skills to present complex security findings to technical and nontechnical audiences

Responsibilities

• Conduct manual penetration testing on web applications, networks, and embedded systems
• Use threat modeling methodologies, like PASTA (Process for Attack Simulation and Threat Analysis), to evaluate risks and assess the potential impact of real-world attacks
• Design and execute red teaming exercises that emulate cybercriminal tactics
• Analyze vulnerabilities using both automated tools and custom techniques for deep threat analysis
• Collaborate with DevOps and security teams to integrate OffSec practices into the SDLC (Software Development Life Cycle)
• Provide comprehensive security assessments, including CREST accredited penetration testing
• Develop reports that explain findings, contextualize risks, and propose practical remediation strategies

Benefits

• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you
• A collaborative environment where everyone works together to create a better working world