Phoenix Cyber is looking for a Penetration Tester to join our client delivery team. This is onsite at the client location in Chandler, AZ.
Requirements:
- Candidates must possess demonstrated experience planning and conducting penetration tests against networks and web applications.
- Solid understanding of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, covert channels, and data exfiltration.
- Perform infrastructure penetration testing to discover and exploit vulnerabilities to test the effectiveness of the organization’s security posture.
- Perform web application penetration testing to identify and exploit OWASP Top 10 web application vulnerabilities.
- Leverage threat intelligence to emulate known threat actors’ tactics, techniques, and procedures. Expertise with tools such as Bloodhound, Burp Suite, Cobalt Strike, Metasploit, and Mimikatz.
- Develop process automation and penetration testing scripts.
- Partner with various cybersecurity teams to improve automation and detection of threat actors.
- Engage with technical and non-technical audiences to articulate both techniques and results.
Requirements:
- At least five (5) years of pen test experience
- Knowledge of red, blue, and purple team assessments
- Experience with OSSTMM, OWASP, NIST, PTES, ISSAF methodologies
- Experience with a variety of toolsets for gathering information and conduct comprehensive penetration tests
- Must have at least a CEH, PenTest+, or GPEN certification in addition to one of the following certifications: GXPN, OSCP, CRTOP, CMWAPT, CEPT, CPT, LPT or other similar certifications as approved by the Government (e.g., C|PENT)
- Secret Clearance
Phoenix Cyber is a national provider of cybersecurity engineering services, operations services, sustainment services and managed security services to organizations determined to strengthen their security posture and enhance the processes and technology used by their security operations team.Phoenix Cyber is an equal opportunity employer and complies with Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act (VEVRAA), all amendments to these regulations, and applicable executive orders, federal, and state regulations.
Applicants are considered without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, and/or veteran status.Phoenix Cyber participates in E-Verify to confirm the employment eligibility of all newly-hired employees. To learn more about E-Verify, including your rights and responsibilities, go to https://www.e-verify.gov/
