Cybersecurity Test Engineer – Remote

About Us

At Decision Point Security, our motivation lies in securing the systems that support the warfighters who safeguard our nation. We take immense pride in the work we do, and this extends to our team members. We offer a unique and exciting opportunity to be part of a dynamic family of professionals that places a premium on personal and professional growth. Our work culture thrives on collaboration and innovation, where challenging the status quo is not only allowed but actively encouraged.

As part of our family of professionals, you'll gain access to a range of benefits. From competitive compensation and performance-based bonuses to health insurance, dental and vision coverage, and health savings accounts, we prioritize your well-being.

Join us in our mission to ensure warfighters with cutting-edge security solutions while enjoying the perks of a thriving, collaborative, and supportive work environment.

Position Overview: As a Cybersecurity Test Engineer you will be responsible for validating the security posture of customer applications and platforms through vulnerability research / analysis and penetration test. Your ability to think creatively about potential threats and develop and execute test cases using latest cyber threat Tactics, Techniques, and Procedures (TTPs) to assess exposure will ensure that our clients achieve and maintain cyber resilience.

Responsibilities:

• Plan and execute red / purple team activities, including simulated attacks, application penetration testing, and risk assessments.
• Lead and participate in threat model development
• Evaluate and analyze identified vulnerabilities to assess risk levels and provide clients with informed recommendations on technical security measures and compliance activities.
• Develop and Automate testing tools.
• Identify and provide improvements on existing services, including continuous improvement of methodologies, tools and reports.
• Ensure quality control measures are adhered to for test execution and the production of delivery artifacts.
• Write clear and concise reports detailing findings and recommendations for remediation of identified vulnerabilities.
• Review application and systems for compliance with applicable security standards and best practices.
• Conduct / contribute to comprehensive risk assessments and vulnerability analyses to identify potential security threats and mitigate risks.

The listed responsibilities are not exhaustive and additional responsibilities may be assigned based on the evolving needs of the organization. We are seeking a dynamic individual who is able to adapt and take on new responsibilities as they arise.

Preferred Experience and Qualifications:

• Hold a Bachelor’s degree from an accredited college in a relevant discipline, or equivalent experience.
• Experience in a consulting/professional services role
• Strong understanding of cybersecurity principles, technologies, and best practices, including encryption, authentication, access control, and secure coding practices.
• Experience in Application Security and/or Software Development
• Familiarity with software development methodologies and practices, particularly Agile and DevSecOps.
• Experience with DevOps and/or Security Maturity Modelling (e.g. OWASP SAMM)
• Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g. AWS, GCP, etc.).
• Network/host-based penetration testing tradecraft and methodologies.
• Proficiency in web application penetration testing.
• Skilled at translating technical implementation (infrastructure as code and configuration as code)
• Experience conducting / contributing to comprehensive risk assessments and vulnerability analyses
• Experience testing against one or more IT security compliance frameworks, such as PCI, FISMA, HIPAA, FEDRAMP, or HITRUST
• Assessment of security controls across modern enterprise services architecture
• Ability to work independently and as part of a team
• Strong technical writing skills.
• Relevant technical certifications such as: Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP) certification.

Requirements: Applicants must have the ability to obtain a government security clearance; US Citizenship is mandatory.

Additional Information:

• Work will be conducted remotely.
• A variety of alternate work schedules are supported.

Job Type: Full-time

Pay: From $80,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible schedule
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Professional development assistance
• Tuition reimbursement
• Vision insurance

Compensation package:

• Yearly pay

Experience level:

• 1 year
• 2 years
• 3 years
• Under 1 year

Schedule:

• Monday to Friday

Work Location: Remote