Junior Penetration TesterLocation: Remote in the United StatesUS Citizenship RequiredResponsibilities:We require the tester to perform or assist in performing penetration testing (e.g., internal, external, etc.), web application security assessments (e.g., exploiting web app vulnerabilities such as SQL injection, cross-site scripting, parameter manipulation, session hijacking, etc.), vulnerability assessments (i.e., network vulnerability scanning), and technical security assessments (e.g., Windows, UNIX, firewalls, routers, SQL server, Could, etc.) for BlueVoyant's clients.The junior penetration tester may also be leveraged to assist to design, build, operate and monitor leading edge security infrastructure, platforms, applications, and tools to meet strategic and tactical security objectives. They will also work with Directors, technical managers, software development, and IT operations staff to identify, exploit, mitigate or remediate vulnerabilities and manage technology risks across the enterprise. Participates in periodic vulnerability assessments and reviews the findings to gauge overall risks, severity, and appropriate corrective measures.Qualifications:
3+ years IT/cybersecurity experience
Minimum of 1 years conducting Penetration tests engagements or equivalent experience
Minimum of 2 years’ experience in information security fundamental/principles
Industry recognized certifications in the fields of penetration testing
Experience standing up cloud-based command and control environments for penetration tests
Experience with Network or Information Security support
Solid systems security exposure and proficiency in at least two Operating Systems (Windows, Linux preferred)
Proven track record of utilizing VA/PT tools (Metasploit, Nessus, Burp, etc.) in the field
Strong troubleshooting skills of complex network and security problems
Strong analytical skills in threat, vulnerability, and intrusion detection analysis
Excellent verbal and written communication skills
Highly disciplined and motivated, able to work under direction and as a member of a team
Must be willing to periodically work non-standard hours
Preferred Qualifications:
Experience performing Black/Grey/White Box, pivoting and persistence, application and web application testing
Experience with Cloud asset penetration testing
Ability to write custom scripts, code etc. to assist with network exploitation activities
Application of common Cyber Security concepts including Intrusion Detection Systems, Host Intrusion Prevention Systems, and Anti-Virus Solutions
Understanding of the Windows/Mac/Linux File System structure, and ability to recover deleted files, search hidden files, and access registry keys
Ability and experience capturing and analyzing volatile (in-memory) data
Experience with network signature development with tools such as SNORT, NetFLOW, WireShark, tcpdump or related tools
Offensive Security OCSP or HTB CPTS
Proven experience with CTF or offensive games
About BlueVoyant
At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.Disclaimer: Please note that under contractual requirements and applicable law, European citizenship is required for employees to work on some of the company’s contracts. Accordingly, an employee’s ability to work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting. BlueVoyant Candidate Privacy Notice To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy NoticePowered by JazzHR