If Pen Testing is your passion, if you love to do CTFs in your spare time (the 2nd step of our interview process!), if you have your OSCP, if you dream about attending security conferences (e.g. BlackHat, ShmooCon, DefCon, etc.) or eagerly git clone the latest tools / frameworks to play with in your home lab, then you’re exactly who Schellman is looking for to join our team.
There is no typical day for our Pen Testers. Our clients rely on us to find a myriad of vulnerabilities across network, application, mobile, cloud, wireless and other assessments. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest cloud technologies and endpoint protection. Our team is remote yet extremely collaborative and works together to utilize their different backgrounds and experience to solve these problems.
In addition to the hands-on training, Schellman also promotes a continuous learning environment. Team members are encouraged to attend at least one security conference and training event every year to stay on the cutting edge of the industry.
Responsibilities:
The primary responsibilities for this position will be leading network, application, and mobile penetration testing, as well as furthering team development and advancing the practice. Senior Penetration Testing Associates perform project execution and report preparation activities as the delivery lead on an engagement.
Requirements:
-At least three years hands-on penetration testing experience
-At least one year of web application penetration testing experience
-Completion of the OSCP Certification
-Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking challenges – SANS Holiday Hack, HackerOne CTF, HackTheBox.eu, etc.)
-Degree in computer science or information technology
-Competency in common operating systems (e.g. Windows, macOS, Linux)
-Proficiency with at least two scripting languages (e.g. Python, Bash, JavaScript, PowerShell)
-An understanding of cloud computing models, technologies and concepts
-Knowledge of PCI and FedRAMP programs
-A passion for identifying and exploiting vulnerabilities
-Demonstrated entrepreneurial abilities, client focus, industry savvy, and the ability to work independently or as part of a collaborative team
-Self-driven in a remote working environment, motivation to continuously improve your skillset
Schellman might not be as well-known, but we are well-liked. We’ve been recognized in the industry as #1 Best Firm to Work For 2020 by Accounting Today and Top 10 for Comp and Benefits on Glassdoor, but more importantly, our employees have great things to say about working here: https://www.glassdoor.com/Reviews/Schellman-and-Company-Reviews-E666239.htm
We are open on location as this position is remote-based. Unfortunately, at this time, we cannot consider candidates that require sponsorship (now or in the future), or are located outside of the US.
We are currently conducting interviews for 2021 start dates.
Schellman &Company, LLC. uses E-Verify in our hiring process.
Schellman &Company, LLC. is an equal opportunity employer (EOE) and strongly supports diversity in the workplace.