Security Engineer - Penetration Tester - Remote Position

Avalon Document Services - Buffalo, NY (30+ days ago)2.9


Avalon started in 2000 with three people in Syracuse, New York. We prided ourselves on high-quality products and a high level of customer service. We still provide the traditional services that got us started, but Avalon has evolved to offer a wide array of niche services including digital forensics, cyber security, and eDiscovery to a number of industries.

In 2016, Avalon formalized a long-time strategic partnership with highly respected DIGITS LLC, a digital forensics and cyber security company that provides high-end investigations and cyber security services to companies all over the United States. This partnership has further allowed Avalon to provide services to help clients overcome the constantly evolving challenges related to investigations, litigation, and network security. Our company has grown to over 140 team members in 6 offices across 3 states, serving clients all over the United States. At our core, we are problem solvers. We work hard to find solutions to our clients’ challenges, and continue to prove that no one can out-service our team.

Job Summary:
The Security Engineer is responsible for performing penetration testing and vulnerability assessment work on and within client environments. This includes using tools, tactics and procedures to analyze and attack a diverse variety of applications, systems, networks, databases and other key areas of the client’s infrastructure. In addition, this position works closely with lead engineers to design, implement, and service our MSSP solutions.

Job Responsibilities:
Assist with the development of processes and procedures to improve penetration testing and vulnerability assessment services.
Communicate clearly verbally and in writing with clients and stakeholders.
Develop tools and exploits to support penetration testing and vulnerability assessments.
Perform Network, System and Application level vulnerability and penetration testing activities.
Thoroughly document penetration tests and vulnerability assessments engagements.
Analyze engagement outcomes and make recommendations based on findings.
Prepare engagement reports outlining testing methods, actionable findings and recommendations for mitigation strategies.
Active Cyber Threat Hunting using both manual and machine-assisted techniques to identify tactics, techniques and procedures of advanced adversaries or threat agents.
Monitors SIEM and EDR environments for MSSP client security events and alerts to potential or currently active threats, intrusions and/or compromises.
Assists with triage of service requests from MSSP clients and internal teams.

Knowledge, Skills, and Abilities Required:
Bachelor’s degree in Computer Science, IT, or Cyber Security.
Minimum 3 years of experience performing penetration testing.
1+ years of experience with Blackbox or Kali Linux.
2+ years of experience with penetration testing tools: Burp, Nmap, Metasploit.
1+ years of experience with Perl, Python, PowerShell or other scripting languages.
1+ years of experience with non-relational databases (ELK, Splunk, Sumo Logic).
Strong experience with Linux, Unix environments required.
Security certifications desired: OSCP, GCIH, CISSP, GPEN.
Effective problem solving, interpersonal, and multitasking skills required.
Excellent verbal and written skills required to communicate and provide quality customer service and client experience.

Avalon provides comprehensive training and solid leadership. Your personal growth and success are very important to the senior leadership team. Avalon offers competitive pay, commensurate with experience and a benefits package is available upon hire. Avalon offers paid time off (PTO), paid holidays, medical, dental, vision, health savings account, hospital indemnity, critical illness, accident, Metlaw legal plans, life insurance, 401K with a match, and short term and long term disability.

Please visit our website at for more information.