02 Mar
Associate Information Security Penetration Tester
Michigan, Detroit metro , 48226 Detroit metro USA

Minimum Qualifications

  • Experience documenting app/system issues and presenting results to technical and non-technical management teams
  • Experience with a combination of the following: C or C++/Java/Ruby/ASM/other languages, scripting languages (Bash, Perl, Python), web application testing/exploitation, database testing/exploitation (SQL, Oracle, MongoDB, Hadoop, etc.) and/or cloud instance testing/exploitation
  • Bachelor?s degree in computer science, information technology or a related field or equivalent experience
  • Ability to utilize a wide variety of tools for looking for application issues, either from a quality assurance or testing perspective
  • Working knowledge of common commercial and/or open source penetration testing toolkits and techniques
  • Understanding of how web applications work, development practices, etc.
  • Strong organizational skills and the ability to track multiple projects to completion
  • Ability to maintain strict confidentiality
  • Possesses a high sense of urgency
  • Has good writing, organization, interpersonal and communication skills
  • Analytical thinking skills
  • Ability to be thorough and detail-orientated
  • Ability to look at all situations objectively; loves to challenge assumptions and has intense curiosity
  • Ability to work independently without supervision
  • Ability to work efficiently and accurately in a fast-paced environment
Preferred Qualifications
  • Experience in an information security, software engineering, development or quality assurance role
  • Experience in process scripting using Python
  • Cloud-proficient: Understands how to test against native services of cloud providers
  • Knowledge of 1 or more web application languages (.Net, PHP, JavaScript, etc.)
  • Knowledge of Burp Suite
  • Understanding of the OWASP Top 10
  • Knowledge/Experience in basic app building in large PaaS platforms, such as: ServiceNow, Salesforce, Netsuite, etc.
  • GIAC, OSCP or other relevant information security certification
Job SummaryThe Associate Information Security Penetration Tester finds security problems across the company without breaking the entire organization in the process. The ideal candidate for this position should have a deep curiosity about network, system and application testing to uncover vulnerabilities. They will spend their day working with technology to help find vulnerabilities, scanning client infrastructures, delivering results to our clients and building automation. This role is not for someone who only wants to break things; successful candidates also can?t wait to roll up their sleeves to provide comprehensive visibility of vulnerabilities. Our ISMs of ?do the right thing? and ?a sense of urgency is the ante to play? guide our daily actions; security is in our DNA.Responsibilities
  • Work with development teams to build and execute scan profiles of applications
  • Build methods to automate basic assessments and results delivery to speed visibility for stakeholders
  • Collaborate with information security penetration testers on penetration testing of applications, servers or infrastructure
  • Identify additional preventative and detective controls to implement or consider
  • Deliver results, as needed, to application owners, risk team, project coordinators and clients in a clear, consistent way, using multiple forms so that teams can immediately begin remediation with no ambiguity
  • Aid in testing new technologies during proofs of concept to ensure that product claims and abilities meet the company?s needs
  • Take part in purple team exercises with other information security team members to increase visibility and preparedness and tweak existing controls
  • Promote a risk aware culture through promoting risk-appropriate practices and controls
  • Keep up-to-date on new, emerging exploits/vulnerabilities and track against internal vulnerabilities
Who We?Are?Rock Central is a Detroit-based?professional services company obsessed with delivering innovative, effective solutions to meet the diverse needs of our clients. From legal and finance to technology and public relations, our?expertise spans from executive consulting all the way to tactical implementation. We thrive at the intersection of people, process and technology?and empower our partners to unleash the maximum potential of their business through unmatched partnership?and the entrepreneurial spirit of a startup. From the smallest venture to the largest enterprises, we believe having an impact is never a questionit?s part of our DNA.?DisclaimerThis is an outline of the primary responsibilities of this position. As with everything in life, things change. The tasks and responsibilities can be changed, added to, removed, amended, deleted and modified at any time by the leadership group.


Related jobs

Report job