Offensive Security Consultant

4 days ago Be among the first 25 applicants

Offensive Security Consultant candidates are motivated offensive security professionals, often with 2-5 years of pen testing experience not counting previous IT experience. The primary role of an Offensive Security Consultant is to perform External Network Penetration Tests as well as Application Penetration Tests against web applications, mobile applications, and web services. Security Consultants are expected to execute the appropriate testing methodology, identify risk at a level commensurate with the company bar, perform punctually, clearly document findings for multiple audiences, and demonstrate outstanding customer service skills.

• Deliver Application Penetration Tests against web apps, mobile apps, web services, and fat-clients
• Perform small to medium-sized Network Penetration Tests
• Communicate with customers in a friendly and accurate manner during kickoff and scoping calls, assessment status updates, project communication, report delivery, and wrap‑up meetings
• Handle non‑billable events such as lunches, conferences, and meetups
• Work toward professional-level certifications such as the OSCP if not already achieved
• Assist in enhancing company methodologies and documentation
• Collaborate with project management to improve overall efficiency
• Assist peers in identifying/exploiting issues during assessments
• Demonstrate excellent writing skills in email correspondence and report creation
• Prioritize findings based on perceived risk and client business context
• Lead by example in behavior, work ethic, and punctuality
• Interpret and obey any applicable customer testing restrictions based on scope
• Utilize non‑billable time to work on company‑directed internal projects
• Develop and own an area of expertise (e.g., web services, SQL injection, mobile apps, Power Shell, reporting)
• Contribute to company methodology and vulnerability repositories

• 2+ years’ full‑time penetration testing experience
• Full familiarity with OWASP Top 10 and SANS Top 25
• Preferred certifications: OSCP, OSCE, SANS, CREST, and others
• Public disclosure track record preferred
• Excellent communication skills in written, verbal, and in‑person formats
• High‑level knowledge of common platforms and their vulnerabilities
• Burp Suite expert
• Ability to configure login macros and use Repeater/Intruder for manual testing
• Ability to use scanners appropriately to find flaws automatically
• Quickly eliminate false positives based on intuition and response content
• Proficiency with Kali Linux, Git Hub, research techniques, and exploitation of fingerprinted services
• Ability to adapt existing exploits to new targets

Konica Minolta Business Solutions has a legacy of more than 150 years of innovation. We partner with clients to transform their digital experiences through our Intelligent Connected Workplace portfolio. Our services cover IT services, information management, video security solutions, and managed print services. For more information, visit our website or follow us on Linked In, You Tube, and Twitter.

Konica Minolta is an equal opportunity and affirmative action employer. We consider all qualified applicants for employment without regard to race, color, religion, creed, national origin, sex, pregnancy, age, sexual orientation, transgender status, gender identity, disability, alienage or citizenship status, marital status or partnership status, genetic information, veteran status or any other characteristic protected under applicable law.

Konica Minolta Business Solutions (Canada) Ltd. is an equal opportunity employer.