Penetration Tester

Job ID: NC-701519 ()

Hybrid/Local Penetration Tester (15) with offensive security VPN/firewalls/routers/switches/IDS/IPS Windows/Linux/Unix Nmap/Nessus/Metasploit/Burp Suite BloodHound/NetExec/PingCastel NIST/OWASP/MITRE ATT&CK and Active Directory experience

Location: Raleigh NC (NCDHHS Privacy and Security Office)
Duration: 11 Months

Skills:
Minimum 7 10 years of hands-on experience in penetration testing or offensive security Required 7 Years
Demonstrated expertise in network and infrastructure security testing Required 7 Years
Strong understanding of: o TCP/IP DNS DHCP VPN firewalls IDS/IPS o Windows and Linux system internals o Active Directory attack paths and defen Required 8 Years
Advanced proficiency with penetration testing tools such as: o Nmap Nessus Metasploit Burp Suite o BloodHound NetExecPingCastel Analysis tools Required 7 Years
Experience producing standard penetration testing reports Required 7 Years
Familiarity with security frameworks and standards including: o NIST SPo MITRE ATT&CK o OWASP Testing Guide Required 7 Years
Experience working within regulated or high-security environments Required 7 Years
Strong understanding of legal ethical and compliance requirements for penetration testing Required 5 Years

Description:
Seeking a Senior Penetration Tester to conduct authorized network & infrastructure penetration testing to identify validate & demonstrate security weaknesses.

The Senior Penetration Testing Contractor will:
Plan and execute internal and external penetration tests for network and infrastructure environments
Perform vulnerability identification validation and controlled exploitation
Assess security posture across:
Network devices (firewalls routers switches)
On-premise servers and operating systems (Windows Linux Unix)
Active Directory and identity infrastructure
Remote access solutions and VPNs
Cloud environments (where applicable)
Simulate advanced threat actor techniques including:
Privilege escalation
Lateral movement
Credential compromise
Persistence mechanisms
Evaluate security configurations and control effectiveness
Conduct testing in accordance with approved Rules of Engagement
Prepare and deliver formal penetration testing reports suitable for executive audit and technical audiences
Support remediation validation and follow-up testing as required

innoSoul Inc. is an Information Technology company and offers technology solutions in various platforms to different business domains. More specifically business solutions for Application Development System integration network or software installation support Custom Web Development Hosting solutions. Our value-added solutions leverage technology to enhance business performance increase productivity and secure data.