Ethical Hacker

Job Description

Job Description Dox Electronics Inc. is looking to add an Ethical Hacker - Security Analyst who is an expert in the use of Nessus, KALI, and other popular security software. The ideal candidate will be responsible for assessing information risk and making recommendations for remediation within IT environments. Penetration testing (Ethical Hacking), Vulnerability assessments, Microsoft Best Practices, and CIS Baseline analysis will be required. Assessments will be performed against government regulations such as

CMMC ,

NIST 800-171

and other Cyber security engagements including

PCI

and

HIPAA . You will provide expert IT Security and Risk Analysis to a variety of clients all with different scopes and sizes of engagements. Every day is a different experience About Dox:

Since 1982, Dox has been providing Security assessments and professional IT Support for organizations all across the Continental United States. We deliver enterprise-level services and solutions at prices small businesses can afford. Time and experience have helped us develop best practices and workflow procedures around a proactive philosophy designed to keep our clients’ focus on their business, not their technology. At Dox, we believe you should love what you do and be passionate in your pursuits. Our employees dedicate themselves to fulfilling the needs of our clients and, in turn, the company invests thousands each year in training them so they can grow in their careers. We like to promote from within the company and offer room for upward mobility, career development, and infinite potential. We treat our employees like family and offer a supportive, exciting, and entertaining work environment. Responsibilities include but not limited to the following: Select, design, create, and maintain appropriate tools for testing. Documents test methodologies. Plan and perform penetration tests and vulnerability scans on computer systems, networks, web-based and mobile applications, including;

Focusing on network security and identifying potential weaknesses and vulnerabilities, Performing event correlation and analysis using tools to identify malicious activities and determine appropriate response actions, Preparing comprehensive documentation of test results, including identified weaknesses, exploitation methods, and the impact on the organization, Ensuring compliance with Federal, DoD, and Intelligence Community regulations, policies, and standards.

Gather data intelligence from the output of the automated penetration tools as well as information gathered in earlier stages to identify vulnerabilities that the tools may not identify. Communicate with relevant stakeholders, including technical points of contact, to discuss assessment findings and recommend mitigation actions. Analyze outcomes and make recommendations for security improvements. Review physical security and perform social engineering tests where appropriate. Enhance existing methodology material. Evaluate and select from a range of penetration testing tools. As applicable, maintain knowledge of the latest:

Testing and ethical hacking methods, Security threats and vulnerabilities. Changes to relevant regulations and standards.

Performs other duties as assigned.

Requirements: Proven expertise at advanced levels in five of the following, to include ability to combine components into a functioning multi-layer network of heterogeneous devices and applications and ability to inspect and replicate a system of such components: Certified Ethical Hacker Must be and expert with Nessus, KALI, and other popular security software Virtual Environments such as VMware and Hyper-V Microsoft Windows Operating System versions. UNIX (Solaris, HP-UX, etc.,) Operating System versions. Linux variant Operating System versions. BSD variant Operating System versions. C/C++ Language software development. Java Language software development. PowerShell programming Scripting language software development. Wireless

(WiFi/WiMax/Bluetooth)

technology (hardware or core software). Ubiquitous core network device

(switch/router/hub)

technology (hardware or core software). Proven ability to perform computer network vulnerability assessment and penetration testing. Understanding of risk planning and mitigation strategies. Ability to prepare and present documents and briefing materials. (Individual positions within this labor category have additional qualification and competency requirements.) Other Professional Skills : Articulate communicator, fluent in English with excellent listening skills Self-motivated and ambitious Great written and oral skills A team player who isn't a clock watcher Must be detailed, precise and accurate Excellent skills in maintaining relationships with clients and other external parties Physical Demands: Prolonged periods sitting at a desk and working on a computer. Must be able to exert up to 50 lbs. of force occasionally and/or up to 20 lbs. of force frequently, and/or up to 10 lbs. of force constantly to move objects. Company Description Since 1982, Dox has been providing Cyber Security Consulting, Professional IT Support, and Security Assessments for organizations of all sizes across the United States. Time and experience have helped us develop best practices and workflow procedures around a proactive philosophy designed to keep our clients’ focus on their business, not their technology.

At Dox, we believe you should love what you do and be passionate in your pursuits. Our employees dedicate themselves to fulfilling the needs of our clients and, in turn, the company invests thousands each year in training them so they can grow in their careers. We like to promote from within the company and offer room for upward mobility, career development, and infinite potential. We treat our employees like family and offer a supportive, exciting, and entertaining work environment.

Company Description

Since 1982, Dox has been providing Cyber Security Consulting, Professional IT Support, and Security Assessments for organizations of all sizes across the United States. Time and experience have helped us develop best practices and workflow procedures around a proactive philosophy designed to keep our clients’ focus on their business, not their technology.\r\rAt Dox, we believe you should love what you do and be passionate in your pursuits. Our employees dedicate themselves to fulfilling the needs of our clients and, in turn, the company invests thousands each year in training them so they can grow in their careers. We like to promote from within the company and offer room for upward mobility, career development, and infinite potential. We treat our employees like family and offer a supportive, exciting, and entertaining work environment. #J-18808-Ljbffr