Knowledge Consulting Group is looking for a Sr. Penetration Tester. The candidate selected for this position will join KCG’s elite division, KCG Cyber Attack and Penetration Division, providing the best in threat simulation services to their commercial clients. This position is a good fit for a person that thinks outside the box, loves to learn, and is passionate about helping clients improve their security posture.
And don’t forget … if your organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details. Well anyway … on to the job post.
Sr. Penetration Tester
Knowledge Consulting Group
As a Senior Penetration Tester, you conduct highly technical security
assessments for our commercial clients. You are comfortable switching
between assessment types, and well-versed in many attack techniques.
This includes goal-focused exploitation, identifying realistic risks,
and clearly communicating your findings and recommendations to key
stakeholders. You are at home explaining your analyses and
recommendations to both executives and technical personnel and
understand that no two clients are alike. As a subject matter expert
in cyber exploitation, you conduct penetration tests that are
well-defined and diverse. You work well independently with little
supervision, but also enjoy a strong team that shares information
- Conduct a variety of penetration tests for high-end commercial clients
- Prepare and deliver quality reports that comprehensively and clearly explain risk, demonstrate findings, and offer tactical and strategic recommendations to clients
- Deliver debriefing presentations to key stakeholders
- Research the latest exploit methodologies and transfer knowledge to other team-members
- Deliver course content to technical personnel
- Represent KCG at conferences, podcasts, webinars, articles, etc.
- Assist clients with deploying security testing tools (e.g., Metasploit Pro, Nexpose)
- Self motivated, entrepreneurial spirit, and able to work in an
- Strong attention to detail while being able to think
‘outside-the-box’ as needed to achieve results
Demonstrated expertise with:
- Internal network penetration testing
- External network penetration testing
- Web application penetration testing
- Social engineering penetration testing
- Wireless penetration testing
- Physical security penetration testing
- Mobile application penetration testing
- Report writing
One or more scripting languages:
The following tools:
- Metasploit Pro
- BurpSuite Pro
- Vulnerability scanning tools (Nexpose, Nessus)
- Disassemblers/debuggers (IDA Pro, GDB)
Packet capturing tools
Regular expression and stream manipulation tools
Other Qualifications Desired
- Reverse engineering / exploit development CISSP, GPEN, OSCP, CEPT, CEH a plus
- Publications and/or conference speaking experience
- Familiarity with compliance regulations such as PCI-DSS, HIPAA, NIST, FERPA, FISMA, ISO, NIST, etc.
Applicants selected will be subject to a government security
investigation and must meet eligibility requirements for access to
classified information. Must be clearable to the Top Secret level.
About Knowledge Consulting Group
Knowledge Consulting Group (KCG) is one of the largest privately held
cybersecurity services firms in the United States. We operate as a
trusted cyber advisor to our customers across the country. We take
great pride in maintaining a single focus on being the leader in
cybersecurity services, providing risk management, governance,
operations, and compliance services, utilizing our CISO framework
methodology. We are uniquely positioned as a trusted cyber advisor
with over 90 percent of our cyber professionals holding security
clearances and security-specific certifications. With over 12 years of
experience in providing cybersecurity services to our customers, we
have a strong record of past performance in advising and executing
cyber missions for all types of organizations and sectors.
Follow-Up Contact Information
For additional information and to apply, head on over to its requisition.