Senior Penetration Tester (Charlotte, NC)

Job Title: Senior Penetration Tester

Location: Charlotte, NC

Job Description:

We are seeking a seasoned Senior Penetration Tester to join our team in Charlotte, NC. As a Senior Penetration Tester, you will lead the assessment of our clients' networks, systems, and cloud environments, identifying vulnerabilities and providing strategic recommendations to enhance their security posture. This role requires extensive experience in wireless and networking security, as well as proficiency in cloud penetration testing techniques.

Key Responsibilities:

1. Lead comprehensive penetration tests on networks, systems, and cloud environments to uncover vulnerabilities and potential security risks.
2. Utilize advanced manual and automated techniques to exploit vulnerabilities and simulate sophisticated cyber attacks.
3. Spearhead wireless network penetration testing efforts to identify weaknesses in Wi-Fi networks and recommend robust mitigating controls.
4. Assess the security of cloud platforms such as AWS, Azure, and Google Cloud through advanced penetration testing methodologies and configuration reviews.
5. Collaborate closely with cross-functional teams to prioritize and remediate identified vulnerabilities based on thorough risk assessment and impact analysis.
6. Produce high-quality penetration testing reports detailing findings, including actionable recommendations for remediation and risk mitigation.
7. Stay abreast of emerging cybersecurity threats, vulnerabilities, and mitigation strategies, and actively contribute expertise to the team's knowledge base.
8. Provide mentorship and guidance to junior team members, fostering their professional growth in the field of penetration testing and cybersecurity.

Requirements:

1. Bachelor's degree in Computer Science, Information Security, or related field. Equivalent work experience may be considered.

2. Minimum of 7 years of progressive experience in penetration testing, with a specialization in network and cloud security.

3. Expertise in utilizing industry-standard penetration testing tools such as Nmap, Metasploit, Wireshark, and Aircrack-ng.

4. In-depth understanding of networking protocols and technologies, including TCP/IP, DNS, DHCP, and HTTP.

5. Demonstrated proficiency in conducting wireless network penetration testing using advanced tools and techniques.

6. Extensive experience conducting cloud penetration testing across platforms such as AWS, Azure, and Google Cloud, with a deep understanding of cloud security best practices and configurations.

7. Exceptional communication skills, with the ability to articulate technical concepts clearly to both technical and non-technical stakeholders.

8. Recognized industry certifications such as:

   • Offensive Security Certified Expert (OSCE)
   • Certified Information Systems Security Professional (CISSP)
   • Certified Ethical Hacker (CEH) Master
   • Certified Cloud Security Professional (CCSP)
   • Cisco Certified CyberOps Professional

9. Must be a US Citizen.

Preferred Qualifications:

1. Proficiency in scripting languages such as Python, PowerShell, or Bash for automation and tool development.
2. Familiarity with DevOps principles and practices, including experience with containerization technologies like Docker and Kubernetes.
3. Knowledge of web application security testing methodologies, including familiarity with OWASP Top 10 vulnerabilities.
4. Experience with compliance frameworks such as PCI DSS, HIPAA, and NIST SP 800-53.