Information Security Architect/Penetration Tester - Cynet Systems : Job Details

Information Security Architect/Penetration Tester

Cynet Systems

Job Location : Frankfort, KY, USA

Posted on : 2025-02-05T21:31:28Z

Job Description:
Pay Range: $55/hr - $60/hr
Responsibilities:
  • Penetration Testing & Vulnerability Assessment: Conduct hands-on penetration testing and vulnerability assessment across various environments, including web and mobile applications, networks, cloud infrastructure, IoT, and other emerging technologies.
  • Advanced Security Analysis: Perform in-depth analyses, utilizing threat intelligence and real-world attack techniques, to uncover vulnerabilities and misconfigurations in complex systems.
  • Metrics Development & Risk Reporting: Develop and track meaningful security metrics to communicate the organization's security posture and enable risk-based decision-making.
  • Threat-based Reporting: Create and deliver actionable, threat-based reports that outline security testing results and prioritize recommendations based on potential impact.
  • Team Mentorship & Development: Mentor and coach junior security staff, sharing best practices, new techniques, and industry knowledge to aid their growth.
  • Stakeholder Consulting: Collaborate with developers, system administrators, and management to demonstrate security findings, articulate associated risks, and guide remediation efforts for optimal security outcomes.
  • Communication Across Levels: Effectively communicate technical security findings to various stakeholders, including technical teams, executives, vendors, and regulatory bodies, ensuring an understanding of risks and impact.
  • Relationship Building: Foster partnerships with critical business units and stakeholders to promote a security culture and support the implementation of security controls.
  • Compliance: Through thorough testing and reporting, ensure compliance with relevant security standards and regulations (e.g., PCI-DSS, HIPAA, GDPR).
  • Training and Awareness: Conduct security training sessions and workshops to educate employees about security best practices.
Education:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • Relevant certifications (e.g., CEH, OSCP, CISSP) are highly desirable.
Experience:
  • Minimum of 3 years of experience in information security, focusing on penetration testing and vulnerability assessment.
Technical Expertise:
  • Proficient in one or more programming/scripting languages such as Python, JavaScript, C#, Ruby, or PowerShell, with solid knowledge of secure coding practices.
  • Frameworks & Methodologies: Hands-on experience with security testing frameworks and standards (e.g., PTES, OWASP) and familiarity with the MITRE ATT&CK framework.
  • Cloud & DevOps Proficiency: Solid understanding of Windows, Linux, and Mac OS, hands-on experience in cloud environments (AWS, Azure, GCP), and familiarity with DevOps pipelines and container security (Docker, Kubernetes).
  • Critical Thinking & Problem Solving: Demonstrates a high level of critical thinking and problem-solving skills to navigate complex environments and devise innovative solutions.
  • Organizational Skills: Strong organizational, time-management, and documentation skills, with the ability to manage multiple tasks and deadlines effectively.
  • Certifications: OSCP, OSCE, OSWE, or OSEP are preferred but not required. Knowledge of or certification in cloud security (e.g., CCSK, AWS Certified Security) is a plus.
  • Continuous Learning: Stays current on the latest trends in cybersecurity, penetration testing, and threat landscapes, with a commitment to ongoing learning and professional development.
Additional Qualifications:
  • Ethical commitment to confidentiality, integrity, and maintaining a secure environment.
  • Ability to work independently and collaboratively in a fast-paced, dynamic environment.
  • They are looking for a seasoned pen tester who can work as a lead and work alongside third-party vendors.
  • There are 20 individuals on the team and they have only one pen tester.
  • Looking for someone with the OSCP, OSEW, OSEP, and OSWE certifications (OSCP highly desired).
  • If the selected candidate does not have the OSCP certification, the candidate must complete the certification within 90 days.
  • Perform pen testing on various applications using multiple tools.
  • Someone with good cloud environment (AWS, Azure, or GCP) and DevOps experience.
  • Pen test in the cloud environment.
  • They have around 300 applications and they are testing 100 applications.