The Dallas CISSP Meetup Group Message Board › Consultant, Security and Audit Services / Windows Pen Testing
San Antonio, TX
Consultant, Security and Audit Services
We are looking for engaged, creative, motivated individuals in the Dallas, TX area to join our network security audit, consulting and training firm. Ideally the candidate will have multiple years of administrative or information security experience in a medium to large environment with one or more relevant certifications. Initially the candidate would act as a junior team member with numerous opportunities to conduct or assist in a variety of security audits, instruct and develop courses and refine and expand security audit methodologies. Junior team members that perform well in these capacities will have the opportunity to graduate to team and organizational management roles.
The main role of the candidate will be focused on Windows Penetration Testing.
This position is a full time, regular position and includes the following job functions:
• Perform remote audits including war-dial, internet and web application security assessments
• Must be able to map out a network and discover ports, services, and OS using Nmap.
• Capable of analyzing a network and setting up and running appropriate Operating System scans using Tenable’s Nessus.
o Can analyze Nessus scan results and determine the appropriate test avenues
• Understands general network penetration testing methodology
o Penetration Testing (e.g., internal, external, wireless, physical, social, etc.)
• Proficient using Metasploit to launch exploits and manage payloads
• Proficient in the Backtrack penetration testing distribution tool sets
• Web application testing
o Understands the fundamentals of web applications including authentication, session management, requests, form submittal, etc.
o Understanding and ability to exploit Cross Site Scripting, SQL injection, and other common vulnerabilities
o Understanding of the different web app protocols and communication methods
• Document audit issues and prepare the Internet audit report Conduct logical security audits and hands-on technical security evaluations and implementations
• Conduct specific research into Exploits in the Internet, UNIX and network equipment areas
• Conduct research as directed to identify new exploits and to gain an understanding of the way these exploits work
• Work with existing and potential clients to develop audit solutions
• General knowledge of
o Variety of common network ports and protocols
• Self motivated and able to work in an independent manner.
• Strong technical skills: The applicant should have solid working technical knowledge and understanding of IT Audit and Security Testing scope and techniques, and be able to verbalize and document reportable issues and recommended solutions
• The applicant must also be well versed in Windows, MS WORD, Outlook, Excel and be able to work well by email.
• Ability to work closely with other staff members.
• 3 or more years experience in network or system administration or an information security related role.
• Current certification in CISSP, CISA, MCITP, CCNA, Linux+, CEH or similar network or system administrative / information security certification.
• Travel is required; extensive travel will be required from time to time.
How To Apply:
Send a resume or any questions to: email@example.com