STS is looking to hire a
1- Sr. Offensive Security Pentest Engineer, Security Delivery for Jordan
STS's Security team is looking for an Sr. Offensive Security Pentest Engineer that can deliver technical expertise for our offensive security Penetration Testing team and execute tactical, offensive assessments across our environments. This individual should have extensive experience across the attack lifecycle and a demonstrated capacity to lead, design, and execute a penetration test against various technologies and stacks. Candidates are expected to scope, prepare and deliver technology-oriented assessments that positively benefit the overall security posture of the organization. This role requires a desire to help drive fixes after testing cycles, both as short term mitigations and long term improvements.
- Conduct penetration tests focused on both the unique systems and technologies used at customer side, as well as approved third party software and vendors
- Help in the building of tooling to automate portions of pentests, scoping or other offensive security work, and use this model to inform and drive our assessments.
- Design, scope, and lead deep technical assessments on internal and external facing systems
- Perform research to identify new ways of achieving your mission
- Work with vulnerability management, production security and other security programs to align remediation efforts and best protect the company from known threats
- Bachelor’s or master’s degree in computer science, computer Engineering, information technology, information assurance/cyber-security, or a related technical discipline
- 3+ years of experience practicing application security assessments and penetration tests
- Experience performing internal and external assessments
- Experience in leading a team during penetration tests
- Knowledge of server (Linux, Windows) and client (Windows, OS X, Linux) operating systems
- Knowledge and understanding of attack surfaces for enterprise systems and services
- Experience in at least one of PHP/Hack, Python, C/C++, Go or Java
- Experience working in cross-functional programs
- Experience translating technical concepts into language that is understood to audiences including software engineers, business and technical leader
- Experience performing and leading whitebox and blackbox style assessments
- Experience with complex, multi-stage, multi-person pentests for new internal customers or external vendors
- Networking knowledge, including network virtualization technologies and ideally IPv6