Senior Penetration Tester
Strata Information GroupSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
NoVisa
Cybersecurity, Information Technology, Security OperationsIndustries
Requirements
Candidates must possess US Citizenship and be eligible for a US Government background investigation. A Bachelor's Degree in Cybersecurity or a related field is preferred, along with at least 2 years of experience in penetration testing or red-team assessments. Familiarity with SCAP, CVE, CVSS, CWE, CPE, USGCB, STIGs, NSA Guides, NCP, or Common Secure configurations is required. Experience with NMAP, BurpSuite, CrackMapExec, BloodHound, Ansible, Terraform, Git, and AWS is also necessary. While not required, the Offensive Security Certified Professional (OSCP) certification and related knowledge are highly preferred.
Responsibilities
The Senior Penetration Tester will conduct penetration tests on web applications, APIs, networks, and cloud environments, simulating advanced persistent threat attacks. Responsibilities include assessing target systems, identifying and safely exploiting vulnerabilities, and analyzing Proof of Concept exploits. The role involves automating red teaming and penetration testing techniques using scripting languages like Golang, Python, JavaScript, Bash, or PowerShell. Additionally, the tester will perform security assessments of cloud environments, conduct source code reviews, and execute tests according to methodologies such as OWASP, NIST, and PTES. They will utilize custom tools, frameworks, and infrastructure, assess the risk of discovered vulnerabilities, and document findings in technical reports with remediation recommendations. Collaboration with clients on assessment status and vulnerability information is also a key duty, along with evolving the company's capabilities and toolset.
Skills
Penetration Testing
Web Application Security
Network Security
Cloud Security
Vulnerability Assessment
Exploitation
Risk Communication
SCAP
CVE
CVSS
CW
UltraViolet Cyber
Unified defensive and offensive cybersecurity solutions
About UltraViolet Cyber
UltraViolet Cyber focuses on enhancing cybersecurity for organizations by integrating both defensive and offensive security operations. Their main services include Managed Detection and Response (MDR), which provides continuous monitoring and response to cyber threats, and Penetration Testing as a Service, where they simulate cyber attacks to find and fix vulnerabilities. This company stands out from competitors by combining the expertise of Red Team (offensive) and Blue Team (defensive) professionals, ensuring that security measures are both proactive and reactive. The goal of UltraViolet Cyber is to help organizations improve their resilience against cyber threats and protect their sensitive data and infrastructure effectively.
McLean, VirginiaHeadquarters
2023Year Founded
$4MTotal Funding
SERIES_ACompany Stage
CybersecurityIndustries
201-500Employees
Benefits
Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
Disability Insurance
401(k) Company Match
401(k) Retirement Plan
Unlimited Paid Time Off
Paid Holidays
Risks
Increased competition from larger firms may pressure UltraViolet Cyber's market share.
Rapid evolution of AI-driven threats may outpace current capabilities, requiring investment.
Integration challenges from the merger could lead to operational inefficiencies and dissatisfaction.
Differentiation
UltraViolet Cyber unifies defensive and offensive security operations for comprehensive threat management.
The company offers Managed Detection and Response and Penetration Testing as a Service.
Security as Code platform automates threat detection, providing a unified risk picture.
Upsides
Growing demand for cloud security solutions offers expansion opportunities for UltraViolet Cyber.
Interest in AI-driven cybersecurity tools aligns with UltraViolet Cyber's automation focus.
Rising need for advanced penetration testing services due to RaaS models benefits UltraViolet Cyber.
Related Jobs
RemoteRemoteSenior Red Team Engineer
AdobeSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Offensive Security Consultant
SpecterOps$145,000 - $170,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Penetration Tester, Application Security (3 month contract)
WealthsimpleSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Manager, Hacker Success Program
HackerOne£86,000 - £108,000/year
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior Cybersecurity Compliance Analyst
Maxar TechnologiesSalary not specified
- Full Time
- Senior (5 to 8 years)