Rapidly expanding Cyber Security consulting group can offer you the opportunity to work on cutting edge Cyber Security Consulting projects with Fortune 500 companies. If your passion is cyber security in a highly collaborative, fast paced, and agile environment across large global enterprises then this organization will appeal to you. Excellent compensation including strong bonus and excellent benefits package combined with the chance to work with the top cyber security professionals on the most advanced security systems make this an unparalleled opportunity.
- Be responsible for a variety of activities including network penetration assessments in live SCADA environments, hardware assessments, architecture reviews, assessing web applications, reverse engineering, packet capture analysis etc.
- Work with stakeholders and clients to help them understand and triage their risks.
- If you understand the nuance of testing in an OT environment and like pushing limits this may be the role you’ve been seeking.
- Previous experience working within Operational Technology (OT) Networks to include Integrated Controls Systems (ICS), SCADA, and Process Control Networks (PCN).
- Prior experience performing penetration testing on enterprise networks, web applications, mobile applications, etc.
- Previous experience designing, organizing, and executing penetration tests and vulnerability assessments.
- Previous experience designing pragmatic remediation guidance for discovered vulnerabilities.
- Previous experience leading technical projects and ensuring documented requirements are delivered with excellence.
- Previous experience with consulting for service-oriented deliverables.
- Architecture and administration experience across all modern Microsoft Windows and *NIX operating systems.
- Experience with tools and platforms including: Kali, SamuraiSTFU (ControlThings.io), Burp Suite, Metasploit, Canvas, Cobalt Strike, etc.
- Knowledge of industry recognized attack frameworks (ATT&CK, Kill Chain, etc.) and security control guidance (NIST, ISO, etc.).
- Familiarity with scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Previous experience configuring APIs and web services (SOAP, REST, WSDL, XML/SPML, JSON)
- Strong communication (both verbal and written) and experience briefing client leadership and professionals
- Previous experience developing proposals, statements of work, and general content.
- Familiarity with Incident Response, Threat Monitoring, and Cyber Threat Intelligence functions, and a functional knowledge of how to fuse threat intelligence into attack methodologies.
- Relevant certifications (GWAPT, OSCP, GPEN, etc.).
- Experience working across organizational lines of business to implement mitigations, remediations, and countermeasures resulting from penetration testing discoveries
Travel Requirements: 25% to 40% to client locations primarily in the Philadelphia area presently.
Cypress Search LLC is a Technical and Executive Search firm based in Eastern Pennsylvania. We work with top companies on Engineering, IT, Operations and Marketing searches. Cypress Search will discuss all positions with candidates prior to submitting a resume to ensure candidate fit and interest.