Sr. Security Consultant - Attack & Penetration | Any U.S. Location Optiv Inc
Dallas, TX

Job Description

At Optiv, we're on a mission to help our clients make their businesses more secure. We're one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you'll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients' needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We're proud of our team and the important work we do to build confidence for a more connected world.

Who we are looking for:

A highly skilled penetration tester with expertise performing complex security assessments while maintaining a business focus on meeting client expectations. As a seasoned penetration tester, you will be professional, well-spoken and passionate about our work. You will have an uncanny ability to gain intimate knowledge of new systems, find security flaws and leverage those flaws to underscore business risk. The Senior Security Consultant we're looking for will enjoy contributing to a community and serve as a technical leader and mentor on our team.

How you'll make an impact:

* Combine the use of automated tools and manual techniques with new, creative approaches to identify and verify common vulnerabilities while finding those that are commonly missed during assessments
* Opportunistically blend and chain multiple weaknesses to compromise client organizations
* Exploit vulnerabilities and identify specific, meaningful risks to clients based on industry and business focus
* Deliver advanced security assessments from a diverse portfolio of services including physical penetration tests, product penetration tests, endpoint security assessments and breach simulations.
* Create comprehensive assessment reports that clearly identify an attack chain, root cause for vulnerabilities and remediation strategies
* Interface with client personnel to gather information, clarify scope and investigate security controls
* Provide technical and consultative mentorship for Consultants ensuring a consistently high level of execution
* Improve our methodologies, toolsets and offerings in a collaborative, team based environment
* Leverage subject matter expertise to shape proposals, statements of work and project scope

Qualifications for success:

* OSCP, OSCE, and GIAC certifications strongly preferred
* Experience delivering various security assessment disciplines including but not limited to network and web vulnerability assessments, penetration testing, red teaming, wireless security, physical security, social engineering, product/hardware security, VoIP security/war dialing
* In depth knowledge of security testing standards such as OSSTMM, OWASP and NIST SP 800-115
* Demonstrated ability to identify, describe and report vulnerabilities and standard remediation activities, to include clear demonstration of risk to clients through post-exploitation activities
* Mastery of commercial and open source security tools including, but not limited to, Nmap, Nessus, BurpSuite, Cobalt Strike, Metasploit, Wireshark, Kismet, and Aircrack-ng
* Development or scripting experience in one or more language (e.g. Python, C, Ruby, Java, JavaScript, PHP etc.)
* Familiarity with a variety of network architectures, network services, system types, network devices, development platforms and software suites (e.g. Windows, NIX, Cisco, Oracle, Active Directory, JBoss, .NET, etc.)
* Must be able to work well with clients and self-manage through difficult situations, to ensure client satisfaction
* Ability to convey complex technical security concepts to technical and non-technical audiences including executives
* Ability to work both independently as well as on teams

Why you'll love it here:

The Attack and Penetration (A&P) practice is Optiv's primary adversarial threat simulation group. A&P's purpose is to perform offensive security assessments, employing an adversarial perspective, to better aide in identifying gaps in organizational security programs. You will be on a team of like-minded individuals who collaborate often, and drive each other to success. Optiv A&P focuses on mentoring, career growth (both technical and professional), and encourages consultants to research new trends and techniques. Optiv A&P typically has several individuals represented at information security conferences throughout the year, to include Black Hat, DEF CON, various BSides, GRRcon, etc.

If you are seeking a culture that supports growth, fosters success and moves the industry forward, find your place at Optiv as the largest pure-play cyber security provider in North America. We have served more than 12,000 clients of various sizes across multiple industries, we offer an extensive geographic footprint, and have premium partnerships with more than 350 of the leading security product manufacturers.

With Optiv you can expect:

* Entrepreneurial and collaborative environment
* Competitive total rewards program
* Professional training opportunities
* Engaging and fun culture
* Opportunity to work with industry leading, talented peers

#LI-PS

Why you'll love it here:

The Attack and Penetration (A&P) practice is Optiv's primary adversarial threat simulation group. A&P's purpose is to perform offensive security assessments, employing an adversarial perspective, to better aide in identifying gaps in organizational security programs. You will be on a team of like-minded individuals who collaborate often, and drive each other to success. Optiv A&P focuses on mentoring, career growth (both technical and professional), and encourages consultants to research new trends and techniques. Optiv A&P typically has several individuals represented at information security conferences throughout the year, to include Black Hat, DEF CON, various BSides, GRRcon, etc.

If you are seeking a culture that supports growth, fosters success and moves the industry forward, find your place at Optiv as the largest pure-play cyber security provider in North America. We have served more than 12,000 clients of various sizes across multiple industries, we offer an extensive geographic footprint, and have premium partnerships with more than 350 of the leading security product manufacturers.

With Optiv you can expect:

* Entrepreneurial and collaborative environment
* Competitive total rewards program
* Professional training opportunities
* Engaging and fun culture
* Opportunity to work with industry leading, talented peers

#LI-PS