Penetration Tester

Job Description

Our Professional Services division is currently seeking a Penetration Tester. The Professional Services cybersecurity practice performs security and governance assessments, analysis, and penetration testing within Flexential and customer environments.

In this role you will provide consulting services to professional services customers with an emphasis on those related to a customer’s cybersecurity posture. This includes cybersecurity and compliance assessments, analysis, and penetration testing within Flexential and customer environments.

• Conduct infrastructure focused penetration testing on the internal and external attack surfaces for organizations. Gain access to restricted systems and perform lateral movement and create persistent access.
• Conduct social engineering engagements to test the human weakness. Coordinate email phishing campaigns and perform social engineering attacks to gain credentials.
• Conduct web-based penetration testing on public-facing Applications and APIs. Search for known weak configurations to elevate privilege or gain remote access.
• Conduct device level penetration testing on wireless systems and IoT devices. Reverse engineer firmware to find unintended methods of access.
• Create and deliver a complete report of testing, including methodology, resources and mitigation paths.
• Explain paths of attack taken during engagement and provide clear methods of mitigation to customers.
• Design and implement new attack tools to aid during engagements.
• Conduct vulnerability management for customers, including remediation, validation, escalation, and reporting.
• Coordinate communication with internal, customer, and vendor resources and facilitate escalations of issues as appropriate.
• Learn (and share) new skills through independent research, formal training, and industry events.
• Troubleshoot difficult problems and recommend appropriate actions.
• Work beyond routine nature of tasks utilizing specialized knowledge and technology.
• Exhibit thorough oral and written communication skills.
• Perform rotational 24×7 on-call support with occasional travel required.
• Perform other job-related duties as required.

• 2+ years’ experience with infrastructure architecture and administration.
• 1+ years’ experience in security and compliance related work.
• Bachelor’s degree in Information Technology or related field required or equivalent experience.
• Interest in learning new skills and keeping pace with changing technologies.
• Ability to problem solve and work with others to find the best solution.
• A commitment to providing our customers with 100% satisfaction.
• Developed initiative, judgment, and time management skills.
• Precision in your work and attention to all details.
• Strong interpersonal and written communication skills.
• Capability to work independently and self-motivate.
• Ability and drive for continued learning.

• 1+ years of experience in DR or business continuity related work are considered a plus.
• Familiarity with compliance and regulatory requirements such as HIPAA, PCI, CJIS, CMMC, GDPR, and/or CCPA is a plus.
• OSCP certification preferred.
• Technical certifications such as CISSP, CEH, etc. are considered a plus.

• Ability to sit for extended periods of time
• Walk or Stand for 5% of the time
• Moderate or advanced keyboard usage
• Lift 25 lbs.
• Travel 5% of the time

Annualized salary range offered for this position is estimated to be $110,000 - $150,000
. However, the actual pay range depends on each candidate’s experience, location, and qualifications.

Discretionary annual bonus, based on personal and company performance.

• Ergonomics

Not meeting every single requirement? No problem! We are looking for candidates who possess unique skills that set them apart from the rest. If you're enthusiastic about this role and believe you have the skills and abilities that would make you successful, don't hesitate to apply today!

• Medical, Telehealth, Dental and Vision
• 401(k)
• Health Savings Accounts (HSA) and Flexible Spending Accounts (FSA)
• Life and AD&D
• Short Term and Long-Term disability
• Flex Paid Time Off (PTO)
• Leave of Absence
• Employee Assistance Program
• Wellness Program
• Rewards and Recognition Program

Benefits are subject to change at the company's discretion.

Flexential participates in the E‑Verify program. Please  for more information.

EEOC Statement:
Flexential is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.