Offensive Security Consultant
Stott and May · Brussells, MO · 5 days ago
Information TechnologyFull-time
Vulnerability Assessment & Penetration Testing
To pass the strict administrative screening required by the institutional framework, candidates must fit one of the following compliance structures:
- Option A (Related Degree): A minimum 2-year post-secondary degree in ICT/Cybersecurity AND 4 to 6 years of professional IT experience (with at least 2– 3 years focused directly on vulnerability management or offensive security).
- Option B (Non-Related Degree): A minimum 2-year post-secondary degree in a Non-ICT field AND 6 to 8 years of professional IT experience (with at least 3 years focused directly on vulnerability management or offensive security).
Core Tasks & Responsibilities
- Vulnerability Assessment: Conduct comprehensive, independent vulnerability scans and assessments across complex on-premises and cloud infrastructures (AWS / Azure).
- Analysis & Reporting: Interpret and prioritize scan results using standard risk assessment methodologies (CVE, NVD) and deliver detailed, actionable remediation recommendations to technical teams.
- Scripting & Automation: Develop and maintain custom scripts to automate routine scanning tasks and optimize data analysis.
- Penetration Testing: Collaborate directly with senior offensive security teams to execute manual and automated penetration tests on networks, web applications, and systems.
- Remediation Tracking: Work alongside internal IT operations teams to track, monitor, and validate patch management and vulnerability mitigation progress.
Technical Skills & Tools
- Vulnerability Management: Strong, hands-on engineering proficiency with enterprise scanning platforms (e.g., Tenable, Nessus).
- Automation: Proficient in scripting for security automation using Python, PowerShell, or Bash.
- Systems & Infrastructure: Solid foundational knowledge of operating systems (Windows/Linux) and core networking protocols.
- Offensive Concepts: Clear understanding of standard penetration testing methodologies and basic exploit frameworks.
- Languages: Professional fluency in English (written and spoken) is mandatory.