Job Details

OccamSec is a leading provider in the world of cybersecurity. Our clients rely on us to provide information security services that exceed current industry standards. We provide accurate, actionable information to reduce risk and enable better informed decisions. Our unique end-to-end solutions detect, identify, respond, and protect in order to maximize the effectiveness of our clients` security programs.  You can visit us online at www.OccamSec.com.

The Penetration Tester is responsible for working as part of the Assessment Team to conduct and participate in offensive and defensive security projects for OccamSec and its clients. This individual will work as part of a security team and report to an Assessment Team Lead.

Job Responsibilities:

• Conduct security audits, network penetration tests, and web application, API and cloud assessments.
• Draft security assessment reports that outline findings and provide a walkthrough of the assessment performed with evidence provided appropriately.
• Use social engineering to identify improvement for security awareness and education.
• Provide guidance and recommendation to clients on ways to fix or reduce security risks to their networks and products.
• Operate as part of a team on larger, more complex projects with oversight from senior team members.
• Operate independently on projects within defined skill set, with oversight from a Project Manager.
• Maintain proficiency in current security tools and skills.
• Successful candidates will need to reside on the island of O'ahu.
• This job will be primarily remote, however the occasional on-site meeting may be needed depending on client requirements.

Experience:

• Proficient in working with AWS services like EC2, S3, KMS, RDS, or similar services on Azure & GCP, with a focus on implementing security best practices.
• Skilled in conducting penetration tests for API, Mobile, Cloud, and Web Applications.
• Familiarity with scripting languages such as Python, Perl, Go or Ruby.
• Hands-on experience in building or developing Server or Application Technologies.
• Utilized penetration tools effectively in various scenarios.
• Applied expertise in replicating threat behaviors.
• Proficient in using packet analyzer tools like Wireshark and tcpdump.
• Sound understanding of IP network protocols, sub-netting, routing, switching, etc.
• Extensive background in penetrating and exploiting secure networks and systems, staying updated with the latest security software packages, protocols, and computer technologies.
• Excellent written and oral communication skills, with a proven track record in generating comprehensive reports and assessments.