Penetration Tester Consultant

Location: 100% Remote
Type: Part-time, Project based
Pay: Based on experience, education, geographic location, and market rates.
Travel: None

*** Please ensure you read through the entire job posting and understand the work model, expectations, requirements, and qualification requirements for this role. ***

About Us:
RSI Security is a leading cybersecurity compliance firm that specializes in providing comprehensive security assessment, advisory, and technical security testing services. We support organizations in navigating the complex cybersecurity landscape, ensuring they achieve and maintain compliance while managing risks effectively.

Position Summary:
As a Penetration Tester, you will perform comprehensive penetration testing against enterprise networks. The ideal candidate must have the expertise to perform web application, internal and external network penetration testing, and source code review. In addition, this person will manage regulatory compliance testing needs and make recommendations for improvement.

• Participate in pre-sales calls to scope out and support sales as an SME
• Work with various project teams and project managers to build and execute a project plan
• Act as a consultant to the client as part of the delivery team
• Perform various technical testing projects based on scheduled deadlines and objectives
• Execute penetration tests, social engineering penetration tests, and security assessments, including internal & external networks, web and mobile applications, Windows and Linux environments, AWS architecture, IoT devices, and more.
• Create and analyze assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps.
• Develop tools and scripts to automate and improve current pentesting processes.
• Conduct new security research and work with others to develop blog posts on findings.
• Provide subject matter expertise and guidance utilizing tools and techniques to conduct cyber vulnerability and penetration testing.
• Work closely with the Project Management team and the Technical Advisory and Consulting team.
• Actively continue education and technical skill development, improving security capabilities.

Qualifications:

• 2 years of proven experience working for cybersecurity service providers
• 2 years experience with client-facing projects providing penetration testing services
• Strong application penetration testing with a development background is preferred, but not required
• 1 year of network penetration testing experience
• Bachelor’s Degree in Information Technology, Information Security, or related field.
• CISSP, CEH, and CRISC certifications.
• Well-rounded knowledge of operating systems, networks, and scripting.
• Familiarity with security testing tools (Qualys, Nexpose, SAINT, AppSpider, Metasploit, nmap, etc.).
• Experience working with basic network protocols (e.g., TCP/IP, SSH, HTTP, DNS, SMB, etc.).
• Strong knowledge of tools used for wireless, web application, and network security testing.
• Strong analytical and problem-solving skills.
• Excellent written & oral communication skills as well as presentation skills.
• Works with integrity and ethics.
• Security-related certifications (ISSAP, GIAC, OSCP, OSCE, GPEN, or GXPN, etc.) are highly desired, but not required.

Our commitment to equity, equal opportunity, inclusion, and diversity is part of our broader commitment to respecting fundamental human rights across our value chain. RSI Security is proud to be an Equal Opportunity Employer. The Company will consider for employment qualified applicants with arrest and conviction records.

Equal Opportunity Employer/Veterans/Disabled