Junior Penetration Tester
Black Lantern Security is a Services Oriented Company
• Black Lantern Security is built around the ingenuity, passion, and determination of our Operators and Analysts
• No one "mastermind"
• No "cult of personality"
• Competitive compensation and benefits
• Healthy work-life balance
• Project-based engagements that play to the team's strengths
Junior Penetration Tester
Location: Remote
Required:
• Technical Cybersecurity experience.
• Experience in penetration testing, computer network attack (CNA), and/or computer network defense (CND).
• Experience with basic scripting languages including bash and/or PowerShell.
• Experience with at least one object-oriented programming language (Python, Ruby, Java, etc.).
• Must be US citizen (must be willing to submit to federal, state, and local background checks and other requirements).
• Knowledge of Windows, Unix, TCP/IP, IDS/IPS, and web content filtering.
• Demonstrated ability to:
• Adhere to the highest standards of honesty and scientific and business integrity.
• Think critically about complex problems and situations.
• Consider emerging vulnerabilities and threats from within the context of organizational risk and business impact(s).
• Develop novel attack vectors based on newly discovered vulnerabilities.
• Develop home-grown software solutions and utilities for computer network attack (CNA) and computer network defense (CND).
• Apply industry standards and best practices including the Penetration Testing Execution Standard (PTES) and the Mitre Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework.
• Go beyond automated and “push-button” attack tools and utilities.
• Possess a basic understanding of regulatory standards and requirements including the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and the Gramm-Leach-Bliley Act (GLBA).
Responsibilities:
• Project-Based
• Help develop and deliver test strategies for attacking and assessing complex and distributed systems.
• Provide representative tactics, techniques, and procedures (TTPs) for opportunistic, advanced, and sophisticated attackers according to customer goals and objectives.
• Prepare clear and concise situation reports and activity summaries for BLS customers and senior leadership.
• Execute verification and validation testing for customer mitigations and fixes.
• Develop and deliver walkthrough(s), proof(s) of concept (PoCs), articles, and formal presentations.
• Research and Development (R&D)
• Attend and/or present at professional conferences and events.
• Conduct independent research for:
• The development of novel attack methods.
• Discovering new and/or undisclosed vulnerabilities.
Apply tot his job
Apply To this Job