About Aeris Secure
Aeris Secure is a boutique cybersecurity firm that has pioneered innovation in the PCI compliance and cybersecurity consulting industry for over 10 years. We are expanding our core team and seek to bring on life long learners that can support our broad range of clients through challenging compliance and technical hurdles in the coming months and years.
We provide the support that our people need to continue their advancement. We encourage our employees to expand their knowledge in areas that interest them because we have seen knowledge in disparate areas allow our company to grow in interesting ways.
Position Overview
As a Security Consultant/Penetration Tester, you will be responsible for performing penetration tests against a variety of network and application targets. Consultants should be knowledgeable in all areas of penetration testing, with a focus on web application, API, and mobile application testing. Consultants must be able to balance workloads, work effectively as they work closely with colleagues within the team. Consultants should be able to contribute to the team by sharing knowledge and methodologies, and developing tools and processes that automate and improve workflows.
Key Responsibilities and Functions
- Carry out penetration testing engagements against client networks, systems, and applications
- Identify and exploit vulnerabilities in corporate infrastructure
- Write comprehensive reports detailing findings and recommendations for remediation
- Research and stay current with the latest vulnerabilities, exploits, and offensive techniques
- Collaborate with team members on testing and exploitation efforts and develop novel tooling and techniques to enhance the team’s capabilities
Basic Qualifications
- 3-5 years cybersecurity related experience
- 2-3 years of experience dedicated to penetration testing
- Familiarity with testing frameworks and tools, including Burp Suite, Nessus, Nmap, Metasploit, and Kali Linux
- Strong written and verbal communication skills, including the ability to explain complex technical topics to non-technical audiences
- Possess or meet the prerequisite for one or more of the following certifications: CEH, OSCP, OSWA, OSWE, GPEN, GCPN, GWAPT, or equivalent
Preferred Qualifications
- Bachelor's Degree in computer science, information technology, information systems, or equivalent
- Experience with Penetration Testing of operating systems, web applications, and network infrastructure
- Administrator-level knowledge of Windows and Linux Server Operating Systems
- Experience with Windows security, including Active Directory and Group Policy
- Understanding of Internet (HTTP, FTP, etc.) and network (SMB, TCP/IP, etc.) protocols
- Knowledge of the functionality and capabilities of computer network defense technologies, including Router ACLs, firewalls, IDS/IPS, antivirus/EDR, and web content filtering
- Development experience with common scripting/programming languages such as Python, Golang, JavaScript, PowerShell, and C#
- Knowledge of web application design & implementation concepts, including supporting systems
- Strong understanding of various cloud providers and application configuration and deployment
Additional Details
Job Type: Full-time
Total Compensation: $85,000 - $120,000 per year
Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
License/Certification:
- CEH, OSCP, OSWA, OSWE, GPEN, GCPN, GWAPT, or equivalent
Work Location: Remote
Job Type: Full-time
Pay: $85,000.00 - $120,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Vision insurance
Compensation package:
- Bonus opportunities
- Quarterly bonus
- Yearly pay
Experience level:
- 3 years
Schedule:
- 8 hour shift
Experience:
- Penetration testing: 3 years (Preferred)
License/Certification:
- CEH (Preferred)
- OSCP (Preferred)
- GPEN (Preferred)
Work Location: Remote