Information Security Engineer / Penetration Tester
Position: Information Security Engineer/Penetration Tester
Company: COMPASS LLC
Location: Baltimore, MD
Salary: Negotiable
Primary Roles:
- Serve as penetration tester for client technical assessments across a range of industries.
- Serve as cyber security technical subject matter expert advisor to client organizations.
- Lead technical assessment engagements and perform direct interface with a range of mid and senior-level client stakeholders.
Position Description:
The successful candidate will have experience performing cyber security technical assessments for private industry clients using a variety of techniques and technologies. This position will be responsible for leading internal and external penetration testing engagements and directly interacting with client stakeholders. This position will be to serve as an engagement team lead on a day to day basis, overseeing all aspects of conducting client assessments and remediation activities. The candidate will have prior project management experience, including managing workflow and coordinating efforts. Further, the candidate must possess strong interpersonal skills and have the ability to work with cross functional team members. This position may also contribute to the development and delivery of other initiatives and technical service offerings in addition to assessments.
Position Requirements:
The candidate must demonstrate experience and understanding with the following:
- Penetration testing foundations and process
- Techniques for scanning a network for potential targets.
- Conducting vulnerability scans and analyzing the results.
- Performing internal and external penetration testing.
- Understanding of cybersecurity frameworks (ex: NIST, HIPAA, ISO, PCI, etc.)
- Network architecture principles
- Network and routing protocols (IP, ICMP, SNMP etc.)
- Intrusion Detection/Intrusion Prevention Systems
- Firewall architecture
- Server maintenance and patch management best practices
Required Certifications:
- GPEN SANS Penetration Tester
- OSCP Offensive Security Certified Professional
Additional Preferred Certifications:
- CISA Certified Information Security Auditor
- CISSP Certified Information Systems Security Professional
- PMP Project Management Professional
- CCNP Cisco Certified Network Professional
Education & Experience Requirements:
- Bachelor’s Degree in a related Cybersecurity/IT/Computer Science field
- 5 – 7 year(s) of relevant experience
Application Expertise
- Tenable Nessus vulnerability scanner (required)
- Kali Linux penetration testing suite (required)
- Accunetix web scanner (preferred)
Other Requirements:
- Limited travel required
ADDITIONAL NOTES
The majority of duties will be performed in an office setting; the employee may be required to attend off site meetings and other directly related functions. Duties are normally performed within the scope of the normal work day, occasionally based on workload and the demands of the position it may become necessary to work longer than an 8 hour day.
DISCLAIMER: THE ABOVE STATEMENTS ARE INTENDED TO DESCRIBE THE GENERAL NATURE AND LEVEL OF WORK BEING PERFORMED BY EMPLOYEES ASSIGNED TO THIS CLASSIFICATION. THEY ARE NOT TO BE CONSTRUED AS A COMPLETE LIST OF ALL RESPONSIBILITIES, DUTIES AND SKILLS REQUIRED OF PERSONNEL SO CLASSIFIED. ALL PERSONNEL MAY BE REQUIRED TO PERFORM DUTIES OUTSIDE OF THEIR NORMAL RESPONSIBILITIES FROM TIME TO TIME, AS NEEDED.