
Description of the position
Consultant - Pentration Testing
Stimulating. Motivating. Challenging.
Kudelski Security, a division of the Kudelski Group (SIX: KUD.S), is an innovative, independent Swiss provider of tailored cyber and media security solutions to enterprises and public sector institutions.
Our team of security experts delivers end-to-end consulting, technology, managed services, and threat intelligence to help organizations build and run successful security programs.
Our global reach and cyber solutions focus is reinforced by key international partnerships.
Kudelski Security is headquartered in Phoenix, Arizona and Cheseaux-sur-Lausanne, Switzerland. For more information, please visit: www.kudelskisecurity.com
Reference : 11301
Publication Date : 27-11-2019
Consultant - Pentration Testing
Location : Dallas, United States
Mission
As a member of the consulting services execution team, the Advisory Consultant is responsible for the delivery and execution of Kudelski Security’s technical penetration test suite of services. This is a unique opportunity to deliver and enhance a key set of services focused on security testing and improving our client’s level of preparedness to manage a variety of penetration type engagements.
The ideal candidate will be passionate about cyber security and the delivery of services-based approach to our clients’ challenges. The individual will drive a long-term client satisfaction with an emphasis on delivering world class consulting. Successful candidates are self-driven, autonomous and highly motivated. An individual with a proven ability to work internally and externally to ensure project objectives are met this team leader will have a rare blend of experience, communication skills and general diplomacy required to lead clients through crisis situations. Passionate about building new consulting services and possessing advanced portfolio of incident response skills that provide unique value to our clients.
Who Are You?
- Know the ins and outs around the common professional exploitation frameworks (Core Impact, Canvas, Metasploit).
- Have a strong working knowledge of Exploitation outside of the typical "click to exploit" type testing.
- Strong skills at attacking 3rd party frameworks and various other non-exploit-based techniques.
- You demonstrate full knowledge of MITRE’s ATT&CK framework, execute and chain said TTP’s.
- Have a full working knowledge of KALI Linux or other testing distributions and most of the tools within.
Responsibilities
- Execute the delivery of the projects and specific offerings for the U.S. that supports the overall consulting services strategy focusing on network security testing.
- Lead and execute network, web application, wireless, and social engineering penetration tests that will vary in level of complexity from simple to potentially complex.
- Meet utilization requirements and drive project execution which takes into consideration financial objectives, quality delivery and client needs.
- Contributes to the enhancement of service offerings delivery methodology and reporting deliverables.
- Inspire teamwork across consulting services organizations.
- Serve as a consultant in pre-sales, including assessment of client needs, project scopes and proposal preparation.
- Be an industry spokesperson in front of both small and larger audiences and contribute to industry related thought leadership.
- Share all knowledge and training with internal colleagues and teams.
Requirements / Profile
Background Experience
- Technical degree or equivalent work experience delivering fortune 500 technical consulting services
- Minimum 3 years penetration testing and 3 years of direct client facing experience delivering network security testing to large commercial clients
- Proven subject matter expertise in at least 3 of following areas: penetration testing, application assessments, risk assessments, API assessments, Internal / External penetration testing, cloud and mobile app testing
- Successful track record of delivering security services that have exceeded expectations
- Ability to manage at both long-term planning and operational levels
- Experience in working with enterprise clients & industry technology partners
- Strong network of industry peers and customer relationships
- Experience with the following types of engagements; Purple Teaming, CTF, Red Teaming and social engineering are a must.
- Fluent English required
Technical Experience
- 4+ years of information security experience working in Fortune 500 technology environments.
- 3+ years of hands on experience working with industry standard security tools. (Nessus, Burp, etc.)
- Capable of evaluating an organization’s security program for strengths, weaknesses, and gaps as part of the overall assessment.
- Ability to understand and assist in improving security programs for organizations of varying sizes and industries.
- Ability to evaluate and write Security Program documentation.
- Ability to educate business leaders and communicate effectively not just the technical impacts, but the business impacts of the identified findings.
- Strong debugging and problem-solving skills are mandatory.
- Experience writing functional and technical specifications for software components
- Experience with scripting (ex: Python) is preferred.
Personal Qualities
- Excellent written and spoken communication skills that can showcase the highest level of quality consulting
- Self-Motivated
- Ability to directly handle clients from presales through delivery
- Dependable
- High degree of ethics and personal commitment
- Team player, who is driven to succeed.
- Not intimidated by challenge
Candidates responding to this posting must independently possess the eligibility to work in the United States at the date of hire.
Travel
- 20% or less travel to Kudelski Security corporate and customer locations throughout the United States.
Reference : 11301
Publication Date : 27-11-2019