Jobs · Information Technology · Missouri

Offensive Security Consultant

Konica Minolta Business Solutions Canada · Kansas City, MO · 2 wk ago
Information TechnologyFull-time

About the role

This is an opportunity to work with diverse clients, tackle challenging environments, and make a direct impact on organizations' security postures. Offensive Security Consultant candidates are motivated offensive security professionals, often with 2-5 years of pen testing experience not counting previous IT experience.

Responsibilities

  • Deliver Application Penetration Tests against web apps, mobile apps, web services, and fat-clients
  • Perform Small to Medium-sized Network Penetration Tests
  • Communicate with customers in a friendly manner, quickly and clearly, and with great accuracy during: Kickoff and scoping calls, Assessment status updates and ongoing project communication, Report delivery, Wrap-up meetings, Non-Billable events such as lunches, conferences, and meetups
  • Work towards professional-level certs such as the OSCP if they have not already been achieved
  • Aid in enhancing various company methodologies and other documentation
  • Aid peers in identifying/exploiting issues during assessments
  • Demonstrate excellent writing skills both during email correspondence and report creation
  • Prioritize findings based on perceived risk, using existing knowledge of clients’ business to ascertain finding severity
  • Lead by example in behavior, work ethic, and punctuality
  • Interpret and obey any applicable customer testing restrictions based on scope and kickoff calls
  • Utilize non-billable time to work on company-directed internal projects
  • Develop and own an area of expertise e.g. web services, SQL injection killer, mobile apps, Powershell, reporting god, Java, XXE skills, etc.
  • Contribute to company methodology and vulnerability repositories

Qualifications

  • 2+ years’ full-time penetration testing experience
  • Full familiarity with OWASP top 10, SANS top 25
  • Applicants with common industry certifications such as OSCP, OSCE, SANS, CREST, and etc. will be preferred
  • Applicants with public disclosure track record will be preferred
  • Excellent communication skills in written, verbal, and in-person formats
  • High-level knowledge of common platforms and their vulnerabilities
  • BurpSuite expert
  • Ability to configure working login macros
  • Use Repeater and Intruder to manually find flaws
  • Use Scanner in an appropriate manner to automatically find flaws
  • Quickly eliminate false positive based on intuition and response content
  • Alter existing exploits so they apply to different assessment targets

Similar jobs

Security Consultant

CyberrUnited States· 1 wk ago
RemoteInformation Technologyapply on cyberr.ai

Security Consultant

Long View SystemsHouston, TX· 6 days ago
Information Technologyapply on jobs.lever.co

Security Consultant

Abricto SecurityOregon, United States· Today
Information Technologyapply on abrictosecurity.com