Interested in this position?
Upload your resume and we'll match you with this and other relevant opportunities.
Upload Your ResumeAbout This Role
Perform multidisciplinary assessment services to identify vulnerabilities in web applications, mobile applications, networks, and systems. Deliver highly targeted Red Team engagements and social engineering assessments.
Responsibilities
- Deliver Application Security Assessments against web apps, mobile apps, web services, and fat-clients
- Deliver External, Internal, and Wireless Vulnerability and Penetration Assessments
- Deliver highly targeted and specialized Red Team engagements
- Deliver phishing-based and physical Social Engineering Assessments
- Communicate with customers in a friendly manner, quickly and clearly, and with great accuracy during kickoff, status updates, report delivery, and wrap-up meetings
- Assist in enhancing various company methodologies
- Mentor Security Consultants and assist in their efforts to develop areas of expertise
- Demonstrate the highest level of offensive skills, pre and post-exploitation
- Demonstrate excellent writing skills both during email correspondence and report creation
- Prioritize findings based on perceived risk, using existing knowledge of clients’ business to ascertain finding severity
Requirements
- US CITIZENS ONLY
- Full-time assessment experience with networks and applications
- Longer-term, multi-disciplinary, expert-level IT skills including sysadmin, infrastructure, net-engineering, software development, and security-engineer experience
- Knowledge of all classes of vulnerabilities and exploits
- BurpSuite Expert (BurpSuite Extender plugins, Repeater, Intruder, Scanner, quick elimination of false positives)
- Metasploit Expert
- Ability to script in php/perl/python/bash/etc
Qualifications
- Full-time assessment experience with networks and applications. Longer-term, multi-disciplinary, expert-level IT skills including sysadmin, infrastructure, net-engineering, software development, and security-engineer experience.
Nice to Have
- Public vulnerabilities/exploits to name
- Identifies vulnerabilities and discloses on public software on an ongoing basis
- Writes exploits from scratch if necessary
- Burp Extender contributor
- Github presence
- Kali Ninja
Skills
Python
*
PHP
*
Perl
*
Bash
*
Kali Linux
*
Metasploit
*
BurpSuite
*
* Required skills
Certifications
OSCP
(Required)
HackTheBox Certification
(Required)
OSCE
(Required)
SANS
(Required)
CREST
(Required)
About Aux Partners
Aux Partners is an information security company founded and run by experienced information security engineers, providing consulting services rooted in deep industry experience.
Professional Services
View all jobs at Aux Partners →