Shire Jobs

Job Description

Insight Global is seeking a Sr. Penetration Tester to sit onsite with a fortune 50 client in Plano, TX. Candidates will be working within the Cyber Fusion Center on the Offensive Security Team that is responsible continuously evaluating the cyber security posture through penetration tests and red team engagements to proactively identify gaps and drive mitigations to minimize cyber risk exposure. This team is working off of a ticketing system so the Penetration Tester will be reviewing and responding to pen test requests, meeting with the team that submitted the requests and running scoping meetings, testing, delivering results and answering any follow up questions on the findings. There will also be networking testing responsibilities as well as occasional automation. Additional responsibilities include:

* Conducting penetration tests across Web applications, APIs, Mobile applications, infrastructure, cloud environments, and devices.

* Conduct red team engagements across complex environments (including operational technologies).

* Drive all phases of penetration tests and red team engagements, including Scoping, planning, communications, timelines, and execution of key activities (reconnaissance, vulnerability identification, exploitation, and reporting).

* Develop in-depth reports (issue, severity, impact, remediation recommendations) for penetration tests and red team engagements.

* Develop tools and techniques to automate, scale, and accelerate adversary emulation capabilities and vulnerability discovery.

* Develop exploits and POCs to evade defensive countermeasures and emulate threat actor TTPs.

* Establish and mature team documentation, processes, procedures, and team KPIs.

* Mentor penetration testers, red team members, and other functions where needed to drive unified and holistic outcomes.

* Manage third-party pen test and red team engagements to ensure high-quality products and deliverables.

* Support offensive security research, innovation, and testing across emerging capabilities (e.g. AI, LLM, ML, NLP, Smart Contracts, etc.).

* Execute on projects, objectives, and deliverables in alignments with team vision, mission, and goals.

* Routinely develop and update offensive security documentation, processes, and technologies to adapt to emerging threat landscape.

* Develop automation to scale global offensive capabilities and operational resiliency.

* Collaborate with partner teams, service owners, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings.

* Create and deliver trainings; and participate in security reviews, audits, on-site engagements, and support incidents after-hours when required.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Skills and Requirements

-5+ years of experience in a technical security role

-Advanced knowledge of the Burp Suite

-Experience in one or more C2 framework such as Cobalt Strike

-Proficient in at least one scripting language (Python, bash, PowerShell) or one programming language (Java, C#, C++).

-Experience in multiple security domains

-Experience in aligning threat and vulnerability management efforts to frameworks and control objectives - MITRE ATT&CK, NIST CSF, ISO27001, CIS, OWASP.

-Familiarity with defensive and monitoring technologies

-Bachelors degree in computer science/engineering or related cyber field -Experience writing exploits

-Beginning career in a non-security role and moved into security later -- started in networking or development

-Financial services or consulting industry background

-Master's degree in computer science/engineering or related cyber field

-Experience in developing offensive security tooling and automation null

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.