Vulnerability Assessment/Penetration Tester

Software Guidance & Assistance, Inc., (SGA), is searching for a Vulnerability Assessment/Penetration Testerfor a CONTRACT assignment with one of our premier Financial clients in Fort Lauderdale, FL. This role will be remote.
Responsibilities:

• Provide Vulnerability Assessment/Penetration Testing services to Firm businesses globally through a comprehensive testing process
• Participate in special projects ranging from rush testing of critical components to architecture reviews with sister teams to "shift-left "
• Acting as an SME for Infrastructure Penetration Testing in cross-functional efforts/projects
• Participate in the enhancement of testing processes and methodologies
• Identify weaknesses and vulnerabilities within the system, exploit them and propose countermeasures
• Validation of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standards
• Scan systems and applications, leverage initial results to build a subsequent attack methodology and execute effectively
• Report Information Security vulnerabilities to businesses in an actionable manner

Required Skills:

• Bachelor's Degree or similar work experience
• 3-5 years of relevant experience in offensive security with a history of gradually expanding experience prior
• OSCP, OSCE, GXPN, CREST or similar demonstrable experience
• Scripting(Bash, Python etc)
• Reverse Engineering / Exploit Development
• Design experience/understanding ( infrastructure/systems/enterprise)
• Exceptional interpersonal skills and a proven track record of working effectively with globally diverse teams
• The ability to understand new and emerging technologies rapidly to keep up with an ever changing threat landscape
• The ability to effectively document and explain exploits/vulnerabilities to technical and non-technical audiences including to senior leadership
• Demonstrable proficiency in producing comprehensive penetration testing reports with actional recommendations
• Deep understanding of TCP/IP, Infrastructure stacks(i.e. 3 tier, segmented environments)
• Demonstrable experience working effectively in Enterprise environments
• Demonstrate hands on experience with Vulnerability Assessment/Enumeration tools, e.g., Tenable Nessus, Qualys VM, OSS enumeration tools
• Demonstrate hands on experience with penetration testing tools i.e. Kali suite, open-source tooling, Living Off The Land(OS)
• Understanding of defensive security principles with an ability to demonstrate offensive opportunities
• OS and Network Security Experience, e.g. Unix, Linux, Windows, Cisco, etc
• Understanding of common protocols, e.g. DNS, SMTP, SNMP, LDAP, Routing Protocols
• Hands on experience with MITRE ATT&CK Framework or similar
• Experience with TTP's, IOC's and advanced threat analysis
• Threat Mapping experience

Preferred Skills:

• CCNP, CISSP, TOGAF/SABSA, Microsoft/Linux Certifications

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at https://sgainc.com .

EEO Employer: Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status.