Sr. Penetration Tester

  • Hillsboro, OR, USA
  • Contract

Company Description

The Aroghia Group is a nationwide information technology firm that provides cutting-edge IT services, solutions, and staff placements for clients ranging from startups to Fortune 500 companies. We are committed to helping our clients achieve their goals through innovation, collaboration, and deep expertise.

Job Description

The Sr. Penetration Tester is part of our retail sportswear client's Corporate Information Security, Security Operations organization and participates in the attack surface management of global computing assets. The Sr. Penetration Tester is responsible for security testing of the technology, coordination with stakeholders regarding their findings, and completion of day-to-day tasks associated with penetration test programs.

Job Responsibilities:
•    Conduct penetration test scoping/kick off meetings with technology business stakeholders, document scope and schedule testing window
•    Lead web application, mobile, web service, API and network penetration testing within the designated scope and rules of engagement
•    Provide technical guidance for remediation of findings, collaborating with other CIS teams as necessary
•    Provide mentoring and training to junior members of attack surface management team
•    Perform required audit related tasks from internal audit, SOX and PCI activities.
•    Interface & support other CIS organizations such as Incident Response, Governance, Risk and Threat Intelligence as necessary
•    Maintain and compose operational process documentation regarding program execution.
•    Maintain and grow penetration testing tool suites and automation of tasks through the use of commercial and open source products
•    Perform Red Team activities in coordination with the cyber defense center and incident response teams to validate Blue team monitoring & detection processes

Qualifications

•    Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience.
•    7+ years of IT professional experience, with 3+ years Information Security experience, with previous penetration testing or application security background
•    Strong understanding of a variety of technical concepts such as: Application development, networking, systems administration, and information security practices
•    Strong web application development, security flaw and remediation technical understanding
•    Demonstrated experience with solutions such as Metasploit, Burp, ADB, Nessus, Rapid7 Nexpose or Appspider, Qualys, WhiteHat, Microfocus Fortify & WebInspect, Veracode
•    Experience with data analytics with the ability to provide qualitative analysis and recommendations
•    Strong verbal and written communication skills to clearly convey both technical
•    Experience and knowledge of performing security tasks within AWS or Azure cloud environments
•    Ability to develop strong working relationships with a variety of other enabling teams.
•    Strong attention to detail, data accuracy, and data analysis.
•    Self-motivated and operates with a high sense of urgency and a high level of integrity.

Strongly Preferred:
•    Certifications such as GIAC Web Application Penetration Testing (GWAPT), Offensive Security Certified Professional (OSCP) or GIAC Penetration Testing (GPEN) are strongly preferred.
•    Previous experience working in large scale environments with diverse technologies.
•    Ability to automate technical tasks through use of API or scripting

Additional Information

To Apply:

Aroghia Group provides top market compensation and a great company culture. Please provide your resume, LinkedIn profile address, and phone number when applying.

Aroghia Group has established a solid reputation in the marketplace by providing our employees with outstanding opportunities for personal and professional growth. Some additional benefits include (but are not limited to):

  • We are a preferred IT vendor for top-notch companies in a wide range of industries across the U.S.
  • Aroghia offers various compensation structures (hourly, salary) based on qualifications and market demand.
  • We provide continuous training and development to ensure our team remains at the forefront of technological advancements.

Open Positions: http://aroghia.com/careers