drjobs Penetration Tester-Ethical Hacker - RedLens InfoSec

Penetration Tester-Ethical Hacker - RedLens InfoSec

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Lincoln, NE - USA

Monthly Salary drjobs

$ 75000 - 115000

Vacancy

1 Vacancy

Job Description

CampusGuard a Nelnet Company provides information security services for campusbased organizations including higher education institutions healthcare providers city county and state government agencies and hospitality markets. As a fullservice information security firm we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services.

CampusGuard a Nelnet Company provides information security services for campusbased organizations including higher education institutions healthcare providers city county and state government agencies and hospitality markets. As a fullservice information security firm we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services.
SUMMARY:
CampusGuard provides information security services for our customers. We serve campusbased markets including education healthcare hospitality and state and local government. RedLens InfoSec a division of CampusGuard assists customers with protecting personally identifiable information as described by various industries and regulatory agencies through a detailed analysis of systems infrastructure personnel procedures and physical security. As a fullservice information security firm we leverage our knowledge combined with the industry standards to provide our customers with world class information security & compliance services.
The Penetration Tester/Ethical Hacker is responsible for assessing a customers business and operating environment risk and infrastructure vulnerability posture. This position requires a wide range of knowledge of network infrastructures operating systems hardware platforms networking systems and the security vulnerabilities within each category. The qualified individual in this position will scan customer networks to discover and exploit security flaws and vulnerabilities with attack simulations on multiple platforms working against a specific customerfocused scope of work. This position requires a highly technical skill level to assess the risks and vulnerabilities of a customers network while being able to articulate the issues to a nonIT professional audience. Excellent communication skills both oral and written are required to provide the reporting information to the customer after the tests are completed. When not performing the specific Scanning and Penetration Testing / Ethical Hacking functions the individual in this position will provide support to the Security Advisors with other security assessments and gap analysis functions.


JOB RESPONSIBILITIES:
Responsible for scanning and performing in depth penetration testing and reporting customer business and operating environments and network infrastructure related to compliance and other relevant industry standards.

Activities include but are not limited to the following:
1. Understand the Scope of Work for each customer agreement and perform the duties and tasks required by those agreements in an organized professional manner.
2. Perform vulnerability assessments and penetration testing utilizing commercial and open source tools.
3. Conduct web application penetration testing in line with Open Web Application Security Project.
4. Exploit security flaws and vulnerabilities with attack simulations on multiple projects working against specific customer systems and networks in accordance with an agreed scope of work.
5. Effectively provide technical risk assessment of technologies in networks applications systems wireless and perform social engineering.
6. Review and analyze security vulnerability data to identify applicability and false positives.
7. Ability to solve complex technical problems and articulate to nonIT personnel.
8. Document all processes and procedures in accordance with CampusGuard standards.
9. Report on findings and advise customers in remediation activities as required.
10. Research and develop testing tools techniques and process improvements.
11. When time allows perform security assessments and gap analysis of system infrastructures in alignment with the PCI DSS HIPAA and other wellknown information security requirements.

Assist with sales and marketing activities:
1. Participate in sales calls as an industry expert
2. Attend conferences as appropriate
3. Prepare and perform industryrelated presentations and/or webcasts
4. Other sales/marketing support duties as requested

Salary Range: $75000 $115000 varies based on experience and credentials


EDUCATION AND EXPERIENCE:
The Penetration Tester/Ethical Hacker must have sufficient information security knowledge and experience to conduct technically complex security assessments.

Minimum acceptable education requirements: Bachelors degree in Computer Science Cyber Security or the equivalent and/or 3 years experience in the information security industry
Minimum acceptable certification requirements: Possess industryrecognized security certification(s) including but not limited to one or more of the following: Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) Offensive Security Web Expert (OSWE) Offensive Security Wireless Professional (OSWP) CompTIA PenTest CompTIA Advanced Security Practitioner (CASP) Certified Red Team Operator (CRTO) TCM Security Practical Network Penetration Tester (PNPT)


Note: Candidate must agree to prepare for and pass certifications as directed by his or her supervisor (e.g. the PCI Professional (PCIP) certification).


Minimum acceptable work experience requirements: If a candidate does not satisfy any of the above education criteria or certificates he or she must have a minimum of five years of relevant information security experience or proof of other recognized security certifications.

COMPETENCIES SKILLS/KNOWLEDGE/ABILITIES:

Offensive Security Web Expert (OSWE) Offensive Security Certified Expert (OSCE) or Offensive Security Certified Professional (OSCP) highly preferred.
Strong understanding of various web technologies and testing methodologies
Experience with penetration testing of cloud hosted environments is a plus.
Demonstrates an ability to methodically analyze problems identify solutions and communicate to a nontechnical audience.
Exhibits good writing and communications skills to include the ability to render concise reports summaries and formal oral presentations.
Adequately explains presents demonstrates when applicable and documents the operational impact of a particular vulnerability/exploit. Advise customers in remediation tasks for identified vulnerabilities.
Selfmotivated and able to work both independently and with a team.
Willing to travel up to 15% of the time.


(CCore Competencies; FFunctional)

C Understanding of information processing networks and related security issues.
C Understanding of Industry standard information security standards and their applicability.
C Understanding of system infrastructures vulnerabilities exploits and remediation tasks.
C Ability to flow from black box to gray box to white box testing methodologies dependent on customer needs
F Understanding of Higher Education Healthcare and Government institutions and their structure.
F Understanding of wellknown security standards e.g. PCI DSS NIST 80053 ISO/IEC 27000series etc.
F Understanding of Health Information security standards e.g. HIPAA HITECH.
F Understanding of differences between security breach data compromise and fraud
F Understanding of campus type environments structures operations and security needs

Our benefits package includes medical dental vision HSA and FSA generous earned time off 401K/student loan repayment life insurance & AD&D insurance employee assistance program employee stock purchase program tuition reimbursement performancebased incentive pay short and longterm disability and a robust wellness program. Click here to learn more about our benefits: LINK.

Nelnet is committed to providing a welcoming and respectful workplace where all associates have the opportunity to succeed. As an Equal Opportunity Employer we ensure that all qualified applicants are considered for employment. Employment decisions are made without regard to race color religion/creed national origin gender sex marital status age disability use of a guide dog or service animal sexual orientation military/veteran status or any other status protected by federal state or local law. We value the unique contributions of every team member and believe that a positive work environment benefits everyone.

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting ator.

Nelnet is a Drug Free and Tobacco Free Workplace.

Employment Type

Full-Time

About Company

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.