Redbot Security provides industry leading manual penetration testing and full-service security services. Our team of Senior Level Engineers are fully certified ethical hackers. We specialize in controlled, manual exploitation of Wireless, Internal, External, Application, Cloud, ICS/SCADA Penetration Testing and provide the industry’s best customer experience, scoping and service delivery.
Redbot Security is looking for a senior-level penetration tester. This role requires the person to “hit-the-ground-running” with performing penetration testing for the web applications, internal/external networks, cloud environments, wireless networks, and mobile devices in addition to being able to perform social engineering using electronic and physical methods.
The senior-level penetration tester would start out as a contractor performing penetration testing with contract-to-hire opportunities later after a probationary period has passed.
- You will be called on to perform technical testing against a variety of targets. These include:
- External Networks
- Internal Networks
- Wireless Networks
- Web Applications and APIs
- Mobile Devices / Applications
- Cloud Environments
- Social Engineering (on-premise and electronic)
- Firewalls (Firewall Review)
- SCADA Networks (*Bonus points if knowledgeable)
- IoT Devices (*Bonus points if knowledgeable)
Beyond delivering these services, as a senior consultant you will:
- Grow to support all security practice offerings in a pre-sales and post-sales role
- Meet professional practice standards and demonstrate exceptional skill in core service areas
- Develop and maintain positive relationships with clients
- Execute delivery work that exceeds expectations
- Understand the client’s business and needs
- Participating in industry conferences and professional organizations
- Creating additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards and leading practices
- Help to assist and to teach peers
- 4+ years in an active penetration testing role. This is a Senior-level role and requires previous pen testing experience. (Penetration Testing performed as a service in lieu of penetration testing for your own organization is preferred)
- Previous IT experience that isn’t security (e.g., network/sysadmin or web developer)
- Certifications such as GPEN, GXPN, GMOB, GWAPT, OSCP, OSWE, OSCE, OSEE, OSWP
- Strong knowledge of the following:
- Network administration
- System administration (Windows / Linux)
- Modern penetration testing tools and methods
- Firewall reviews
- Web-based application security concepts
- Cloud services (GCP, AWS, and Azure)
- IEEE 802.11 security concepts
- Windows/Linux/UNIX internals
- Internet protocol suite
- Experience using interpreted languages (Python, PHP, etc.)
- Knowledge of compiled languages (Java, C, C++, Assembly, etc.)
- Social engineering techniques and tactics
- Strong written and verbal skills
- Be able to work and interact with clients of various backgrounds
- Maintain positive client relationships and feedback
- Be comfortable explaining findings and recommendations to technical and non-technical audiences
- Knowledge of common regulatory structures and obligations
- Knowledge of common I.T. governance guidance
- Background Check Required
- Previous experience working as a systems administrator
- Previous experience working as a network administrator
- Previous experience working as a web developer
- Previous technical security consulting experience
- Fundamental or advanced understanding of SCADA systems
- Bachelor’s degree or foreign equivalent in Engineering, Computer Science, MIS, CIS or related field
- Contributions and participation in the security community.
- Experience presenting at security conferences.
- GitHub project repositories.
- Developed or maintained security tools.
- Expertise in developing exploits
- Published CVEs.
- Participation in CTFs.