Offensive Security Consultant

Solutions d’affaires Konica Minolta (Konica Minolta) a entamé son parcours il y a plus de 150 ans, avec la volonté de voir et de faire les choses autrement. Elle fait équipe avec ses clients pour donner forme à leurs idées en appuyant leur transformation numérique grâce à un riche portefeuille de solutions pour un milieu de travail connecté et futé.

Parmi ses technologies d’affaires, on retrouve des services de TI, la gestion intelligente de l’information, des solutions de sécurité vidéo et des services d’impression gérés ainsi que des technologies de bureau et des solutions d’impression industrielle et commerciale. L’année 2025 marque le 20e anniversaire de l’entrée de Konica Minolta dans le marché de l’impression de production; l’entreprise souligne « 20 années d’excellence, d’innovation et de résultats » tout en continuant d’être une figure de proue dans l’impression numérique commerciale.

Offensive Security Consultant candidates are motivated offensive security professionals, often with 2-5 years of pen testing experience not counting previous IT experience. The primary role of an Offensive Security Consultant is to perform External Network Penetration Tests as well as Application Penetration Tests against web applications, mobile applications, and web services.

• Deliver Application Penetration Tests against web apps, mobile apps, web services, and fat-clients
• Security Consultants who have proven adept at application penetration testing will perform small to medium-sized Network Penetration Tests.
• Communicate with customers in a friendly manner, quickly and clearly, and with great accuracy during:
• Kickoff and scoping calls
• Assessment status updates and ongoing project communication
• Report delivery
• Wrap-up meetings
• Non-Billable events such as lunches, conferences, and meetups
• Work towards professional-level certs such as the OSCP if they have not already been achieved
• Assist in enhancing various company methodologies and other documentation
• Work with project management to enhance the company’s overall efficiency
• Assist peers in identifying/exploiting issues during assessments
• Demonstrate excellent writing skills both during email correspondence and report creation
• Prioritize findings based on perceived risk, using existing knowledge of clients’ business to ascertain finding severity
• Lead by example in behavior, work ethic, and punctuality
• Interpret and obey any applicable customer testing restrictions based on scope and kickoff calls
• Utilize non-billable time to work on company-directed internal projects
• Develop and own an area of expertise e.g. web services, SQL injection killer, mobile apps, Powershell, reporting god, Java, XXE skills, etc.
• Contribute to company methodology and vulnerability repositories

• 2+ years’ full-time penetration testing experience
• Full familiarity with OWASP top 10, SANS top 25
• Applicants with common industry certifications such as OSCP, OSCE, SANS, CREST, and etc. will be preferred.
• Applicants with public disclosure track record will be preferred
• Excellent communication skills in written, verbal, and in-person formats
• High-level knowledge of common platforms and their vulnerabilities
• Burp Suite expert
• Ability to configure working login macros
• Use Repeater and Intruder to manually find flaws.
• Use Scanner in an appropriate manner to automatically find flaws.
• Quickly eliminate false positive based on intuition and response content
• Kali Linux
• Github
• Research
• Search for flaws in fingerprinted services/components
• Find exploits in vulnerable fingerprinted services/components
• Use existing research to craft proof of concepts for assessments
• Ability to alter existing exploits so they apply to different assessment targets

Konica Minolta is an equal opportunity and affirmative action employer. We consider all qualified applicants for employment without regard to race, color, religion, creed, national origin, sex, pregnancy, age, sexual orientation, transgender status, gender identity, disability, alienage or citizenship status, marital status or partnership status, genetic information, veteran status or any other characteristic protected under applicable law.