Penetration Tester II

Description

Position Summary:

The Penetration Tester II will conduct technical testing which includes but not limited to vulnerability scanning, penetration testing and social engineering to identify security risks. Based on the results of the testing, this position will then make recommendations for improvements through administrative, technical and physical controls. This position will also assist with incident response investigations and documentation surrounding the incident.

Roles and Responsibilities/ Essential Functions:

• Perform vulnerability scanning and penetration testing of Client’s infrastructure, systems and applications in accordance with best practices and regulatory requirements.
• Communicate identified risks with Heartland’s clients and provide recommendations for risk mitigation.
• Perform social engineering assessments such as email phishing, pretexting phone calls and physical entry, as well as provide recommendations for risk mitigation.
• Assist Information Security Consultants with review or analysis of technical projects and troubleshooting.
• Assist the Sales Team Member efforts by supporting initial scoping conversations and performing needs analyses to help drive business development efforts. Identify additional opportunities within existing client base and work with client to expand usage of Heartland’s service portfolio.
• Contribute to marketing activities by providing content suggestions and writing blog articles covering technical topics and attending trade shows, conferences, and professional association chapter meetings.
• Maintain a minimum of 1350 hours billed per fiscal year, prorated based on start date. These charge hour requirements will be balanced against professional development and on-the-job training.

Requirements

Competencies:

• Accountability: Willingness to accept responsibility.
• Ambition: Demonstrates drive and initiative in seeking personal advancement or recognition.
• Business Acumen: Ability to understand and discriminate between various business-related topics and issues.
• Communication: Exceptional written, oral, interpersonal, and presentation skills.
• Detail Oriented: Ability to pay meticulous attention to all aspects of a situation or task.
• Ethical: Guided by the company’s accepted principles of moral conduct.
• Organized: Structured and methodical working skills.
• Persistence: Ability to continue in a course of action in the face of adversity.
• Working Under Pressure: Maintain composure when exposed to stress.

Required Experience:

• 2+ years working with penetration testing, vulnerability scanning/assessments.
• This can be on-the-job or demonstrated knowledge leveraging a platform like TryHackMe or HacktheBox.

Preferred Experience:

• 3+ years working with utilities such as Nessus, Metasploit, BurpSuite.
• 2+ years managing small projects.
• Ability to write executive-level reports showcasing findings and recommendations.

Required Skills, Education and/ or Certifications:

• Certifications: eJPT, Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN).
• Ability to work within a team environment.

Preferred Skills, Education and/ or Certifications:

• Professional Certifications Preferred – e.g., OSCP, PNPT.

Equal Opportunity Employer - Including Disabled and Veterans

#HBS