• Penetration Testers tasks can be divided into Project Management and Delivery, Offensive Security Development and Cyber Security research
• Project Management and Delivery
• Participate in discovery and analysis of client needs.
• Organize and lead offensive security services for clients of CyberOne.
• Execute internal, external, wireless, and web application penetration tests.
• Execute social engineering tests, including phishing, vishing, and physical.
• Develop technical solutions to help mitigate security vulnerabilities.
• Provide external training to CyberOne customers.
• Offensive Security Development
• Develop tools to aid Section8, and the community in conducting offensive security services.
• Cyber Security Research
• Research and study security vulnerabilities from a multitude of products
• Research and develop practical tools to protect native systems, including both host and network side defense.
• Collaborate with the security community in improving both offensive and defensive security methods and tools.
• Research and stay knowledgeable on paper/blog write-ups to share information with the community.

Education/Experience Required

• 2+ years performing penetration testing.
• Experience communicating and presenting technical information.
• Fluent knowledge of a scripting language (e.g. Python).
• Offensive Security Certified Professional (OSCP) or eLearnSecurity - Certified Professional Penetration Tester (eCPPT).
• Show familiarity with various network architectures, network services, system types, network devices, development platforms and software suites required (e.g. Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.)
• Excellent ability to define problems, formulate solutions, effectively collaborate and communicate, plan and execute.
• Knowledge around web applications and networking.

Education/Experience Preferred

• Bachelor’s or master's degree in computer science or related engineering field.
• Offensive Security Certified Expert (OSCE).
• Vulnerability Research experience as well as experience reporting and publishing information around discovered vulnerabilities.

Skills/Abilities

• Provided training or presentations at security conferences such as DefCon or BlackHat.
• Vulnerability Research experience as well as experience reporting and publishing information around discovered vulnerabilities.

• Work is performed indoors in a climate-controlled environment.
• Travel may be required up to 25%.
• May be required to work evenings, weekends to meet company and customer needs.
• Ability to remain in a stationary position 50% of the time.
• Must be able to move about inside a professional office environment.
• An environment that empowers employees to contribute to an organization that embraces a fail-fast mentality.
• Open, supportive, and collaborative work environment.

"Recruitment Agencies Please Note:

"In accordance with our recruitment policy, CyberOne strictly prohibits any form of solicitation of our employees by external agencies or third parties. Any candidate information that may be received from such agencies or third parties shall be deemed as a voluntary gift and shall become the exclusive property of CyberOne. Exceptions to this policy apply only when an Agency/Third Party is an Authorized Vendor of CyberOne, holding a valid and current contract that has been duly signed by the HR Manager or CFO of CyberOne. Under no circumstances will any payment be made to any Agency/Third Party unless they are an Authorized Vendor or possess written approval from the CyberOne HR Manager or CFO, granting them explicit permission to engage in recruitment efforts on behalf of CyberOne."