• Lead technically challenging projects with complex technology stacks across multiple modalities.
• Interface with clients, establish technical competency, and deliver sophisticated projects.
• Provide technical subject matter expertise to sales team for client inquiries and engagement proposals.
• Enhance, improve, and streamline security service line offerings.
• Conduct technical assessments, such as network penetration tests, static/dynamic code analysis, bug hunting, social engineering and various information security gap assessments.
• Improve and evolve company services and processes.
• Provide expert security advice to clients.
• Develop sound, secure and scalable security programs/solutions to solve client issues.
• Participate in sales calls, presentations, and meetings.
• Support company marketing events, such as trade shows and exhibits.
• Security research contribution via blogging, white papers, bug hunting and creating scripts.
Knowledge, Skills, and/or Abilities Required:
• A thorough understanding of software development principals and at least intermediate knowledge of Python.
• A thorough understanding of Windows/Linux/MacOS operating systems, web application concepts and network/storage/compute infrastructure.
• Intermediate knowledge of Web Services technologies such as XML, JSON, SOAP, REST, AJAX, etc.
• Intermediate database knowledge of SQL, MySQL, Oracle, Postgres, etc.
• Penetration testing experience with Shodan, Google Dorking, Recon-ng, MetaSploit, OpenVas, Burp OWASP Zap, NetSparker, HashCat, BEEF, THC Hydra, Wireshark, Airodump-ng & Aircrack-ng, Maltego, PowerSpoit, MITM tools, etc.
• Social engineering and physical security testing experience including RFID duplication, RubberDucky payloads, Wifi Pineapple, lock picking, Social-Engineer Toolkit, GoPhish, etc.
• A general familiarity with various regulatory compliance requirements (HIPAA, PCI-DSS, SOX, FISMA).
• One or more IT certifications or agree to achieve one of the following: OSCP, GWAPT, GPEN, LPT, CPT, CEPT, CEH, CISSP, CISA/CISM, etc.
• Remote work from home acceptable.
• Must be willing to travel to Manhattan on a monthly basis.