careers

Senior Penetration Tester

Description of the Position

Running nmap and a vulnerability scanner is not a penetration test. CipherTechs’ Offensive Security Team attacks and exploits networks and applications. The Offensive Security Team is looking for a senior penetration tester to join our small team. This role will work primarily in commercial sector projects performing offensive engagements (application, network, mobile, wifi penetration testing, social engineering, red teaming, specialty security assessments) and otherwise support ongoing offensive operations and infrastructure.

The person that takes this role will first and foremost be deeply technical, able to oversee and execute high quality penetration tests while maintaining client satisfaction, lead projects through the whole project life cycle and deliver on time, and possess strong communication skills with clients and other team members. There are no “rock stars” or “ninjas” on our team – we collaborate together to be the best we can collectively be at breaking into networks and applications.

Responsibilities

  • Plan and execute full life cycle offensive operation. This includes project scoping, resource assignment recommendations, some RFP/SoW work, performing the penetration test, communicating progress with clients, writing professional quality reports, presenting findings to executive and technical audiences.
  • Effective communication. Writing and presenting are a large part of professional penetration testing. Senior penetration testers are expected to excel at communicating with client audiences (executive and technical audiences), and be a good communicator within the team while collaborating on projects.
  • Perform application penetration tests. Application pentests often include thick client, API, mobile SDK, and web applications from black, gray, and whitebox perspectives.
  • Perform network penetration tests. External, internal, and wifi network penetration testing. Capable of penetrating multiple platforms in enterprise environments. Familiarity attacking Active Directory.
  • Social engineering. Strong spear-phishing skills (both credential harvesting and remote code execution), ability to customize an attack for a client and build creative story lines that persuade targets to act on our lures.
  • Contribute towards team tool kit, lab, and attack infrastructure. Become regular contributor to team wiki and git repositories
  • Ability to train/mentor others in adversary techniques
  • Follow primary source cyber security feeds, publications, and articles to remain current on trade craft and vulnerabilities. Capable of curating relevant information and acting on it on engagements or updating internal playbooks.
  • Interface with clients and staff with professionalism and an overall positive attitude. A variety of problems will arise and will be dealt with but senior staff will pro-actively construct solutions. Negative demeanors are not a fit with the team.

Requirements

  • Exceptional troubleshooting and analytical abilities
  • Senior level experience with enterprise penetration testing. Must be strong at network and application testing for this senior position
  • Seniority with Linux and Windows. Must have strong practical experience in both environments
  • Senior level network experience. PCAP interpretation and parsing, understanding of L1-8 protocols
  • Rich experience exploiting vulnerabilities
  • Strong with pivoting and tunneling to traverse network segments and chains of compromise
  • Capable of managing multiple projects at once
  • Time flexibility to deliver client off-hour testing requirements
  • Great written and verbal communication
  • Comfortable with online collaboration based workflow. Encrypted chat is used to collaborate with remote colleagues and reports are written as a group in many cases
  • Discretion. Accessing the CEO’s inbox at $FORTUNE500 is not something that can be discussed with friends or your Twitter feed. General discretion and mature opsec practices are expected
  • Ability to pass a criminal background check

Additional Requirements

The role currently being filled must be professionally qualified in one of the following areas:

  • Development: Any of Go, Python, Powershell, C# and shell. Development would be to support offensive operations such as custom applications for spear phish attacks, C2 infrastructure, maintain forks of tools to eliminate signatures and implement private features
  • Systems Engineering / DevOps: Ansible, terraform or other automation infrastructure-as-code frameworks
  • Red Teaming: Seasoned hacker capable of getting in, obtaining crown jewels, and getting out relatively undetected. Strong with AV/EDR evasion
  • IaaS Providers: Strong technical skills in any of AWS, Azure, or GCE. Capable of penetration testing and gap analysis specific to IaaS providers. Comfortable with cli/API for at least one of these providers
  • Ability to occasionally travel. Our team’s work load is predominately remote but for occasional onsite requirements senior staff needs to be able to travel to client locations and maintain a good image for the company and team

Benefits

  • Competitive salary
  • 401k plan
  • Full medical and dental benefits
  • Performance based bonus
  • Full remote if desired or work in our NYC headquarters or Kilkenny Ireland office
  • Work with a team that genuinely enjoys compromising networks and applications. CipherTechs’ Offensive Security Team is boutique and does not seek to become a big-five consulting firm. Our team is small and maintains a collective identify of people that truly enjoy offensive operations and aren’t just doing the minimum for a paycheck.
  • Work on great projects. CipherTechs has fascinating clients and projects that unfortunately cannot be discussed here but our plate is always full with interesting projects.
  • Work for a great company. CipherTechs’ headquarters is two blocks from the NY Stock Exchange and we host a lot of client and company events. We engage and form friendships with clients and helps build long lasting business relationships. CipherTechs founders are very technical and listen to engineering teams. Collaborate with the Blue Team, DFIR, Audit and Compliance. CipherTechs sales team sells a lot of different security products so our lab always has interesting things to attack, evade, and build play books against.
  • If you have a certification and/or degree that’s great. If you don’t that’s no problem. You will be considered strictly based on your current abilities to do the job. CipherTechs will pay for cyber security relevant certifications if that interests you.
  • Mobile or Internet expense reimbursement
  • Maintain ownership of any published code (your GitHub account belongs to you)
  • On-going training and infosec conference opportunities
  • Opportunity to speak at CipherTechs technical events and infosec conferences

Contact

Please email jobs a t ciphertechs.com with a PDF version of your resume. No recruiters please.

more searchable words

penetration test, payload, evasion, reverse engineer, implant, command and control, c2, persistence, APT, re-entry, covert, stealth, tunnel, proxychains, privoxy, anti-forensic, MITRE ATT&CK, socat, openvas, nmap, wireshark, masscan, cobalt strike, CANVAS, hashcat, purple team, TTP, golang, STIG, reverse shell, red baron