Senior Penetration Tester - Remote

<strong>Join us for our opportunities; stay for your future.</strong>

Remote - Nationwide

Schellman & Co., LLC.

<p><strong>For the past 17 years, Schellman has consistently changed the landscape of compliance.&nbsp; While we&rsquo;re extremely proud of our successful history, we&rsquo;re not resting on it.&nbsp; 2019 is another year of moving forward:&nbsp; new service offerings, increased in-house certifications, additional benefits in our already amazing package, expanded community service initiatives, just to name a few.</strong></p> <p><strong>Not all CPA firms are created equal and we are definitely different. &nbsp;No time-reporting, promotions only from within, the ability to contribute and be heard, and most importantly, great work-life balance.&nbsp; The biggest difference?&nbsp; We don&rsquo;t perform any remediation or consulting.&nbsp; Our pace is fast and therefore, we are not the best fit for everyone.</strong></p> <p><strong>If you&rsquo;ve always thought of yourself as someone who sets themselves apart from the crowd, as someone who likes to be visible and have their contributions noted, and likes the feeling of completion, we&rsquo;d love to hear from you.&nbsp;</strong></p> <span style="text-decoration: underline;"><strong><br /><br /></strong></span>

keywords: passion,quality assurance,network,knowledge,security,environment,operating system,quality assurance,degree,experience,client focus

Full time

Overview: <p dir="LTR">If Pen Testing is your passion, if you love to do CTFs in your spare time (the 2nd step of our interview process!), if you have your OSCP, if you dream about attending security conferences (e.g. BlackHat, ShmooCon, DefCon, etc.) or eagerly git clone the latest tools / frameworks to play with in your home lab, then you&rsquo;re exactly who Schellman is looking for to join our <span class="WMP2">team.&nbsp;&nbsp;&nbsp;</span></p> <p dir="LTR">There is no typical day for our Pen Testers.&nbsp;Our clients rely on us to find a myriad of vulnerabilities across network, application, mobile, cloud, wireless and other <span class="WMP2">assessments.&nbsp;The</span> benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest cloud technologies and endpoint protection.&nbsp;Our team is remote yet extremely collaborative and works together to utilize their different backgrounds and experience to solve these problems.&nbsp;</p> <p dir="LTR">In addition to the hands-on training, Schellman also promotes a continuous learning <span class="WMP2">environment.&nbsp;Team</span> members are encouraged to attend at least one security conference and training event every year to stay on the cutting edge of the industry.</p>
Responsibilities: The primary responsibilities for this position will be leading network, application, and mobile penetration testing, as well as furthering team development and advancing the practice. Senior Penetration Testing Associates perform project execution and report preparation activities as the delivery lead on an engagement.
Requirements: <ul> <li><strong>At least three years hands-on penetration testing experience</strong></li> <li><strong>At least one year of web application penetration testing experience</strong></li> <li><strong>Completion of the OSCP Certification</strong></li> <li><strong>Demonstrated enthusiasm for Information Security&nbsp;</strong>(e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking challenges &ndash; SANS Holiday Hack, HackerOne CTF,, etc.)</li> <li>Degree in computer science or information technology</li> <li>Competency in common operating systems (e.g. Windows, macOS, Linux)</li> <li>Proficiency with at least two scripting languages (e.g. Python, Bash, JavaScript, PowerShell)</li> <li>An understanding of cloud computing models, technologies and concepts</li> <li>Knowledge of PCI and FedRAMP programs</li> <li>A passion for identifying and exploiting vulnerabilities</li> <li>Demonstrated entrepreneurial abilities, client focus, industry savvy, and the ability to work independently or as part of a collaborative team</li> <li>Self-driven in a remote working environment, motivation to continuously improve your skillset</li> </ul>