Penetration Tester/Red Team Member

[24]7 - San Jose, CA3.9

Full-timeEstimated: $72,000 - $100,000 a year
The Penetration Tester will have experience performing hands-on penetration testing, security test planning, and vulnerability analysis; focusing on automated and manual exploitation of applications, networks, and system level designs and implementations. This position requires a strong ethical hacking mindset with proven professional experience in assessing diverse network and system architectures in a comprehensive manner. The successful candidate will enjoy working in a dynamic, responsive, and collaborative environment and be dedicated to the success of customers. Experience and detailed technical knowledge in information security engineering, secure architecture development, system and network security, authentication and security protocols, applied cryptography, and application security is essential. Must have the ability to communicate with and distill information from technical resources during formal and informal meetings. Must be able to work both independently and as a part of team testing efforts.

Required Qualifications

Overall 3+ years of Information Security experience
At least 1 year experience performing application security assessments
2+ years Red Team experience
Capable of working outside the box
Knowledge of OSI layers
Working understanding of OWASP Top 10 vulnerabilities, how they are exploited, and a notion of how to they are fixed.
software exploitation experience and familiarization with XSS, SSJS, filter bypassing, SQL Injection, etc.
Familiarity with interpreting log output from networking devices, operating systems and infrastructure services
Familiarity with common reconnaissance, exploitation, and post exploitation frameworks.

Preferred Qualifications

Knowledge of malware packing and obfuscation techniques
Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc).
Strong knowledge of networking protocols and packet analysis
Must have the ability to perform targeted penetration tests and exploitation(s) without use of automated tools
A good understanding of Penetration testing methodology (recon [active & passive], vulnerability analysis, exploitation, lateral movement, and reporting).
Experience with obtaining access through spear phishing, HID exploitation, rogue access points, etc.

Other Responsibilities:
Team oriented to share best practices and always strive for improvement
Highly skilled in both written and verbal communication
Ability to write comprehensive reports regarding computer forensic and intrusion / analytical findings
Research tools, techniques, countermeasures and trends in network vulnerabilities, data hiding and network security
Assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions

ABOUT [24]7

[24]7 is redefining the way companies interact with consumers. Using artificial intelligence and machine learning to understand consumer intent, [24]7’s technology helps companies create a personalized, predictive and effortless customer experience across all channels. The world’s largest and most recognizable brands are using intent-driven engagement from [24]7 to assist several hundred million visitors annually, through more than 1.5 billion conversations, most of which are automated. The result is an order of magnitude improvement in digital adoption, customer satisfaction, and revenue growth. For more information, visit: .