Position Summary: The Penetration Tester will conduct technical testing which includes but not limited to, vulnerability scanning, penetration testing, and social engineering to identify security risks. Based on the results of the testing, this individual will then make recommendations for improvements through administrative, technical, and physical controls. This position will also assist with incident response investigations and documentation surrounding the incident.
Roles and Responsibilities/ Essential Functions:
Perform vulnerability scanning and penetration testing of Client's infrastructure, systems, and applications in accordance with best practices and regulatory requirements.
Communicate identified risks with Heartland's client and provide recommendations for risk mitigation.
Perform social engineering assessments such as email phishing, pretexting phone calls, and physical entry, and provide recommendations for risk mitigation.
Assist Information Security Consultants with review or analysis of technical projects and troubleshooting.
Assist the Sales Team Member efforts by supporting initial scoping conversations and performing needs analyses to help drive business development efforts. Identify additional opportunities within existing client base and work with client to expand usage of Heartland's service portfolio.
Contribute to marketing activities by providing content suggestions and writing blog articles covering technical topics -- and attending trade shows, conferences, and professional association chapter meetings.
Minimum of 1,350 hours billed per fiscal year prorated based on start date. These charge hour requirements will be balanced against professional development and on the job training.
Requirements:
Competencies:
Accountability: Accountability looks at the extent to which an individual is willing to accept responsibility.
Ambition: Ambition looks at the extent to which an individual demonstrates drive and initiative in seeking personal advancement or recognition•
Business Acumen: Business acumen looks at the ability of the individual to understand and discriminate between various business related topics and issues. This includes insight into, and understanding of, specialized business concepts.
Communication: Ability to promote understanding through exceptional written, oral, interpersonal, and presentation skills.
Detail Oriented: Detail orientation looks at the ability of the individual to pay meticulous attention to all aspects of a situation or task, no matter how small or seemingly unimportant.
Ethical: Ethics looks at the ability of the individual to be guided by the company's accepted principles of moral conduct.
Organized: Organizational skills looks at the ability of the individual to be structured and methodical in working skills.
Persistence: Persistence looks at the ability of the individual to continue in a course of action in the face of adversity.
Working Under Pressure: Working under pressure looks at the ability of the individual to maintain composure when exposed to stress.
Required Experience:
1+ years working with penetration testing, vulnerability scanning/assessments
This can be on the job or demonstrated knowledge leveraging a platform like TryHackMe or HacktheBox
Preferred Experience:
1+ years working with the following utilities - (Nessus, Metasploit, BurpSuite)
1+ years managing small projects
Ability to write executive level reports showcasing findings and recommendations
Required Skills, Education and/ or Certifications:
Certifications: (eJPT, Certified Ethical Hacker CEH, or GIAC Penetration Tester GPEN, or other current industry standard certifications in areas of security expertise)
At least one of these will be required within 6 months of employment
Ability to work within a team environment
Preferred Skills, Education and/ or Certifications: