Penetration Tester

Summary

Join UltraViolet Cyber, a leading unified security operations company, as an experienced Penetration Tester. You will play a key role in conducting penetration tests for our growing customer base, simulating attacks against client IT systems to identify vulnerabilities and communicate risks effectively. This position requires expertise in web and mobile application testing, network, and cloud security assessments. You will utilize various penetration testing tools and methodologies, document findings, and collaborate with clients. US citizenship and a willingness to undergo a government background check are required. A competitive salary is offered.

Requirements

• US Citizenship
• Willingness to be submitted for a US Government background investigation
• At least 2 years of experience related to conducting penetration tests or red-team assessments

Responsibilities

• Conduct mobile application, web application, Application Programming Interface (API), network, and cloud penetration tests
• Use common penetration testing and red-team tools, tactics, techniques, and procedures
• Analyze Proof of Concept (PoC) exploits to understand the underlying vulnerability and tailor the PoC to be safely used in target space
• Automate Red Teaming and Penetration Testing techniques, to efficiently scale offensive operations, using common scripting and programing languages (e.g. Golang, Python, JavaScript, Bash, PowerShell, etc.)
• Conduct security assessments of cloud environments and application source code review
• Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST, PTES)
• Utilize custom penetration testing tools, frameworks, and infrastructure
• Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation
• Document and deliver technical reports on detailed findings and vulnerability remediation recommendations
• Collaborate with clients throughout an assessment on status and vulnerability information
• Evolve our capabilities and toolset

Preferred Qualifications

• Bachelor’s Degree in Cybersecurity or related field
• Offensive Security Certified Professional (OSCP)
• OSCP experience and knowledge
• Experience performing SAST, DAST, and code reviews
• Familiarity with Security Content Automation Protocols (SCAP), Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), or Common Platform Enumeration (CPE)
• Understanding US Government Configuration Baseline (USGCB), Security Technical Implementation Guides (STIGs), NSA Guides, National Checklist Program (NCP) or Common Secure configurations

Benefits

$120,000 - $130,000 a year