Penetration Tester

alliantgroup, LP is currently experiencing explosive growth As a national consulting firm focused on being the voice to the middle market, our mission is simple: Strengthening American businesses. How do we do this? We hire the brightest talent with the most diverse backgrounds who are passionate about making a difference. It's fun to work in a company where people truly BELIEVE in what they're doing

As a Senior Security/Penetration Tester, you will help us build security into our client's services, fortify our Clients defenses, and protect the systems that our Clients serve their respective customers.

If you are someone who enjoys the challenge of penetrating several technology platforms and protocols and partnering with software engineers to ensure it never happens again, then we encourage you to apply

You can work remotely from anywhere in the U.S. or at our Headquarters in Houston preferably.

What You'll Be Doing
•Penetration testing of web applications, native apps, and other systems.
•Design and code reviews of new systems and features.
•Coach and work with engineers to build security and privacy by design.
•Provide team members with concise, well-written penetration reports.
•Coordinate and track penetration testing and vulnerability assessment remediations.
•Conduct Red Team exercises to evaluate and improve processes and technologies.
•Perform application design, threat detection, incident response, patching, vulnerability remediation, secure development training, and user training.
•Partner with Blue Team daily to manage risk as threats evolve.
•Work with PCI and SOC auditors to ensure security policies are understood and complied with.

What We'll Expect from You
•Experience with scripting and development languages (ie. Python, PowerShell, JavaScript, C#, or F#).
•Proficient in common attack tools, vulnerability assessment and static inspection tools.
•Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards.
•Experience using secure development frameworks (ie. OWASP Top 10, SANS Top 25 and Microsoft SDL).
•Proficient in bypassing and tuning security technologies (ie. Anti-Malware, IDS, DLP, FIM, Firewalls, SIEM, MFA, Web Proxies and WAF).
•Familiarity with AWS security best practices and Infrastructure-as-Code.

Requirements
•7+ Years of Security Operations with 5+ years of experience in Penetration Testing, Red Team or Application Security experience.
•Bachelors Degree in Information Technology or similar field required
•Offensive Security Certified Professional (OSCP)
•Certified Information Systems Security Professional (CISSP)

#LI-JM2

---