True Zero Technologies is hiring a
Senior Penetration Test Engineer

Summary

Join True Zero Technologies, a veteran-owned small business, as a Senior Penetration Test Engineer. As a key member of our team, you will possess solid industry experience in the public sector and/or commercial spaces; relevant technical certifications; and, proven experience designing, configuring, and conducting penetration testing situations and scenarios focused on cybersecurity and technology assets and networks.

Requirements

• Minimum 5+ years’ experience in a cybersecurity, technology, and/or network penetration testing role, conducting penetration tests or red-team assessments
• US citizenship required, and candidates must be willing to be submitted for a US Government background investigation
• Experience using common penetration testing tools such as Metasploit Framework and Burp Suite Pro
• Experience using and exploiting operating systems including Windows and Linux
• Experience with advanced exploitation methods or exploitation development
• Experience conducting cyber operations and exploitation
• Understanding of common scripting languages
• Familiarity with Security Content Automation Protocols (SCAP), Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), or Common Platform Enumeration (CPE)
• Understanding of US Government Configuration Baseline (USGCB), Security Technical Implementation Guides (STIGs), NSA Guides, National Checklist Program (NCP) or Common Secure configurations
• Excellent written and verbal communication skills, demonstrating the ability to effectively convey technical information to both technical and non-technical audiences
• Experience with a variety of testing use cases including, but not limited to external, internal, social media, cloud providers environments, application toolkits and development, SCADA environments, operational environments, wired and wireless networks, etc

Responsibilities

• Conduct web application, mobile application, phishing, network, wireless, and operational technology penetration tests
• Conduct security assessments of cloud environments and application source code review
• Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST, PTES)
• Use common penetration testing and red-team tools, tactics, techniques, and procedures
• Utilize custom penetration testing tools, frameworks, and infrastructure
• Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation
• Deliver technical reports on detailed findings and vulnerability remediation recommendations
• Collaborate with clients throughout an assessment on status and vulnerability information
• Coach and mentor penetration testing team experts
• Provide professional development and human resources management of the team
• Participate in business financial management of the penetration team

Benefits

• Competitive salary, paid twice per month
• Best in class medical coverage
• 100% of medical premiums covered by True Zero
• Company wide new business incentive programs
• Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
• 3 weeks of PTO starting + 11 Paid Holidays Annually
• 401k Program with 100% company match on the first 4%
• Monthly reimbursement of Cell Phone and Home Internet costs
• Paternity/Maternity Leave
• Investment in training and certifications to broaden and deepen your technical skills