THIS IS A REMOTE POSITION
RSI Security is a small organization where collaboration is not only encouraged, but expected. We value relationships within our team and are intentional to build and maintain a strong team camaraderie through virtual happy hours, daily morning meetings to help us start off on the right foot, and meetings dedicated solely to professional development topics to help us develop and grow together.
Purpose of this Position:
As a Penetration Tester, you will perform comprehensive penetration testing against other enterprise networks. The ideal candidate must have the expertise to perform web application, internal and external network penetration testing, and source code review. In addition, this person will manage regulatory compliance testing needs and make recommendations for improvement.
Primary Duties & Responsibilities:
- Participate in pre-sales call to scope out and support sales as an SME
- Work with various project teams and project managers to build and execute a project plan
- Act as a consultant to the client as part of delivery team
- Perform various technical testing projects based on scheduled deadline and objectives
- Execute penetration tests, social engineering penetration tests, and security assessments, including internal & external networks, web and mobile applications, Windows and Linux environments, AWS architecture, IoT devices, and more.
- Create and analyze assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps.
- Develop tools and scripts to automate and improve current pentesting processes.
- Conduct new security research and work with others to develop blog posts on findings.
- Provide subject matter expertise and guidance utilizing tools and techniques to conduct cyber vulnerability and penetration testing.
- Work closely with the Project Management team and the Technical Advisory and Consulting team.
- Actively continue education and technical skill development, improving security capabilities.
Qualifications:
- 2 years of proven experience working for cybersecurity service providers
- 2 years experience with client-facing projects proving penetration testing services
- Strong application penetration testing with a development background is preferred, but not required
- 1 year of network penetration testing experience
- Bachelor’s Degree in Information Technology, Information Security or related field.
- CISSP, CEH, and CRISC certifications.
- Well-rounded knowledge on operating systems, networks, and scripting.
- Familiarity with security testing tools (Qualys, Nexpose, SAINT, AppSpider, Metasploit, nmap, etc.).
- Experience working with basic network protocols (e.g., TCP/IP, SSH, HTTP, DNS, SMB, etc.).
- Strong knowledge of tools used for wireless, web application, and network security testing.
- Strong analytical and problem solving skills.
- Strong customer service skills.
- Excellent written & oral communication skills as well as presentation skills.
- Works with integrity and ethics.
- Security-related certifications (ISSAP, GIAC, OSCP, OSCE, GPEN, or GXPN, etc.) are highly desired, but not required.
The anticipated salary range for this position is $35-$45/hr. Salary may be determined based on experience, education, geographic location, and other factors. commission.
RSI Security is a small organization where collaboration is not only encouraged but expected. We value relationships within our team and are intentional to build and maintain a strong team camaraderie through virtual happy hours, daily morning meetings to help us start off on the right foot, and meetings dedicated solely to professional development topics to help us develop and grow together. Our commitment to equity, equal opportunity, inclusion, and diversity is part of our broader commitment to respecting fundamental human rights across our value chain. RSI Security is proud to be an Equal Opportunity Employer.
Equal Opportunity Employer/Veterans/Disabled
The Company will consider for employment qualified applicants with arrest and conviction records
Benefit offerings for full-time employment may include unlimited flex vacation, 10 paid holidays, paid parental leave, 401k at 100% match, medical, dental, and vision plans, FSA, short term disability, and more! Available paid leave may include paid time off, parental leave and holiday pay.
For more information on RSI Security, please visit our website - www.rsisecurity.com or our social media RSI Security LinkedIn. On our career site, you will find some of the key steps you can expect to guide you along the way.
Top Skills
What We Do
RSI Security is a cybersecurity-focused technology company that helps private and public sector organizations in highly regulated industries effectively manage risk. RSI Security provides cyber engineering, assessment, advisory services, and technical testing to amp up clients' security posture while mitigating business risk.
We have experts for every cybersecurity and compliance need– PCIDSS, CMMC and NIST, MSSP, IT Security, HITRUST, HIPAA / HITECH, CCPA, GDPR, threat detection, security awareness training, and much more.
Our team members come from diverse backgrounds and specialties. Our team members include published authors, open-source developers, industry researchers, and conference presenters.
For more information, visit rsisecurity.com