Kansas Works Jobs

Kansas Works Logo

Job Information

Optiv Security Consultant - Attack & Penetration, Threat Management I Remote, USA - 04721abe-b236-44c5-abbb-2063220e8095 in Overland Park, Kansas

This job was posted by https://www.kansasworks.com : For more information, please see: https://www.kansasworks.com/jobs/11813400 At Optiv, we're on a mission to help our clients make their businesses more secure. We're one of the fastest-growing companies in a truly essential industry. Join us.

An Attack & Penetration Consultant is a highly skilled penetration tester capable of performing complex assessments while maintaining a business focus and meeting client requirements. This position will work both independently and as part of a team to perform Security Assessments including vulnerability assessments and penetration tests. An Attack & Penetration Consultant also contributes to the development and continuous improvement of the Security Assessment practice through a various team and industry contributions.

How you'll make an impact:

+ Assess an organization's network security posture through the use of automated tools and manual techniques to identify and verify common security vulnerabilities

+ Use creative approaches to identify vulnerabilities that are commonly missed in security assessments

+ Exploit vulnerabilities and identify specific, meaningful risks to clients based on industry and business focus

+ Assess physical security controls by lock picking, camera evasion, tailgating, dumpster diving and other evasive techniques

+ Execute opportunistic, blended and chained attack scenarios that combine multiple weaknesses to compromise client environments

+ Create comprehensive assessment reports that clearly identify root cause and remediation strategies

+ Interface with client personnel to gather information, clarify scope and investigate security controls

+ Execute projects using established methodology, tools and documentation

+ Collaborate with other team members and practices to complete client projects and practice contributions

+ Maintain industry credentials/certifications

+ Participate in industry conferences to include delivering presentations

+ Provide support in the ongoing development of security assessment offerings through tool creation and process improvement

+ Perform other duties as assigned

Qualifications for Success:

+ Minimum 2-3 years of experience performing Vulnerability Assessments or Penetration Tests

+ Ability to travel up to 25% of the time to client sites

+ Bachelor's Degree from a four-year college or university in Information Assurance, Computer Science, Management Information Systems or related area of study; or related experience and/or training; or equivalent combination of education and experience

+ OSCP, OSCE, GIAC, CISSP certifications strongly preferred

+ Demonstrated ability to deliver projects using well-defined methodology across various security assessment disciplines including:

+ Network Vulnerability Assessments

+ Penetration Tests

+ Physical Security Assessments (Tailgating, lock picking, camera evasion, dumpster diving, etc.)

+ Product/Hardware Security Assessments

+ Web application Vulnerability Assessments (SQLi, XSS, Session management issues, etc.)

+ Ability to combine multiple separate findings to identify complex blended vulnerabilities

+ Ability to identify, describe and report vulnerabilities and standard remediation activities, to include clear demonstration of risk to clients through post-exploitation activities required.

+ Mastery of commercial and open source security tools required (e.g. Nessus, Nexpose, SAINT, Qualys, Burp, Nmap, Kali, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng etc.)

+ Familiarity with many different network architectures, network services, system types, network d evices, development platforms and software suites required (e.g. Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.) required.

+ Demonstrated ability to create comprehensive assessment reports required.

+ Must be able to work well with customers and self-manage through difficult situations, focus on client satisfaction.

+ Ability to convey complex technical security concepts to technical and non-technical audiences including executives required.

+ Ability to work both independently as well as on teams required.

+ Willingness to collaborate and share knowledge with team members required.

+ Proven ability to review and revise reports written by peers required.

+ Experienced at writing technical proposals, statements of work, white papers, presentations and project documentation; strong attention to detail is required.

With Optiv you can expect:

• A company committed to championing Diversity, Equality, and Inclusion through Affinity groups including but not limited to, Women's Network, Optiv Pride, Black Employee Network, and Veterans Support Network.

• Work/life balance. We offer "Recharge" a flexible, time-off program that encourages eligible employees to take the time they need to recharge

• Professional training resources, including tuition reimbursement

• Creative problem-solving and the