Lead Penetration Tester

Xtreme Inc
Traverse City, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Traverse City, United States of America

Tech stack

Microsoft Windows
Microsoft Active Directory
API
Software System Penetration Testing
Burp Suite
Cloud Computing
Cloud Computing Security
Computer Security
Kali Linux
NMap
Open Web Application Security
PCI Data Security Standards
Red Team (Cyber Security)
Web Applications
Cloud Platform System
Information Technology
Metasploit
Nessus
Wireless Technologies

Job description

Xtreme Solutions will execute the assessment over a five-week period utilizing a team of certified cybersecurity professionals specializing in penetration testing, Microsoft 365 security, Active Directory security, cloud security, and cybersecurity reporting. Activities begin with project kickoff and rules of engagement development, followed by concurrent external, internal, and Microsoft 365 security assessments. Findings are validated through peer review and quality assurance processes before being compiled into comprehensive technical and executive-level reports. The engagement concludes with an executive briefing and remediation roadmap presentation. Optional retesting services may be performed following remediation activities to validate corrective actions and confirm risk reduction., The Lead Penetration Tester serves as the technical authority for all penetration testing activities and is responsible for planning, executing, and reporting on security assessments of networks, applications, cloud environments, wireless systems, and enterprise infrastructure. The Lead Penetration Tester provides overall quality assurance, validates findings, and briefs executive stakeholders on risk and remediation strategies., * Lead external and internal penetration testing engagements.

  • Conduct network, web application, API, cloud, and wireless assessments.
  • Develop attack scenarios based on real-world adversary tactics.
  • Perform manual exploitation and validation of vulnerabilities.
  • Lead red team exercises and adversary emulation operations.
  • Document findings with technical evidence and remediation recommendations.
  • Present assessment results to technical and executive audiences.
  • Ensure testing activities align with NIST, OWASP, PCI-DSS, and FedRAMP requirements.
  • Mentor junior penetration testers and review deliverables.

Requirements

Do you have experience in Vuls?, Do you have a Bachelor's degree?, * Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field.

  • Minimum 8 years of cybersecurity experience.
  • Minimum 5 years of penetration testing experience.
  • One or more of the following certifications:
  • OSCP
  • OSCE
  • GXPN
  • GPEN
  • CEH
  • CPTE
  • Experience with:
  • Burp Suite
  • Metasploit
  • Kali Linux
  • Nmap
  • Nessus
  • OWASP Testing Methodology

Nice-to-Have

  • CISSP
  • CREST CRT
  • eWPT
  • Experience supporting federal agencies or DoD customers.

Apply for this position