Remote or Hybrid allowedQualificationsAt least five years of experience performing the functions associated with this labor category.Experience implementing comprehensive security tests that include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation) and other security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation) to demonstrate or emulate an adversary's ability to gain unauthorized access to sensitive data and systems that reside in either local (on-premises) or cloud computing solutions.Experience analyzing data, identifying vulnerabilities, and developing corresponding mitigation strategies.Experience conducting scenario-based and functional security testing during authenticated and unauthenticated testing.Deep understanding of network protocols, configurations, security technologies, and security practices, including network security, operating system hardening, database security, and web application security for both local (on-premises) and cloud computing solutions.Deep understanding of common vulnerabilities and attack vectors, including experience identifying and exploiting vulnerabilities in operating systems (e.g., Windows, Linux, and macOS), network devices (e.g., firewalls, routers, and switches) and web applications and application program interfaces (e.g., SQL injection, cross-site scripting and cross-site request forgery). CapabilitiesImplement comprehensive security testing to include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation).Conduct security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation).Analyze data, identify vulnerabilities, and develop corresponding mitigation strategies.Conduct scenario-based and functional security testing during authenticated and unauthenticated testing. CertificationCISSPOffensive Security Certified Professional (OSCP)GIAC Penetration Tester (GPEN)Equivalent VIVA is an equal opportunity employer. All qualified applicants have an equal opportunity for placement, and all employees have an equal opportunity to develop on the job. This means that VIVA will not discriminate against any employee or qualified applicant on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status
QualificationsAt least five years of experience performing the functions associated with this labor category.Experience implementing comprehensive security tests that include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation) and other security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation) to demonstrate or emulate an adversary's ability to gain unauthorized access to sensitive data and systems that reside in either local (on-premises) or cloud computing solutions.Experience analyzing data, identifying vulnerabilities, and developing corresponding mitigation strategies.Experience conducting scenario-based and functional security testing during authenticated and unauthenticated testing.Deep understanding of network protocols, configurations, security technologies, and security practices, including network security, operating system hardening, database security, and web application security for both local (on-premises) and cloud computing solutions.Deep understanding of common vulnerabilities and attack vectors, including experience identifying and exploiting vulnerabilities in operating systems (e.g., Windows, Linux, and macOS), network devices (e.g., firewalls, routers, and switches) and web applications and application program interfaces (e.g., SQL injection, cross-site scripting and cross-site request forgery). CapabilitiesImplement comprehensive security testing to include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation).Conduct security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation).Analyze data, identify vulnerabilities, and develop corresponding mitigation strategies.Conduct scenario-based and functional security testing during authenticated and unauthenticated testing. CertificationCISSPOffensive Security Certified Professional (OSCP)GIAC Penetration Tester (GPEN)
Equivalent
(Please ensure email matches your resume email)
(document types allowed: doc/docx/rtf/pdf/txt) (max 2MB)
By submitting this form, you are consenting to the VIVA team contacting you via Phone/Email