Position Role/Tile: Pen Tester
• Typical tasks include conducting and/or supporting authorized penetration testing on enterprise network assets, analyzing site/enterprise configurations (network
• Testing will be conducted on various systems on an as-needed basis across the enterprise and its clients.
• Candidate will need to be able to perform assessment on various system following OWASP,NIST, ISO, PCI, HIPAA or similar standards and requirements including
obtaining evidence and writing final assessment reports.
Knowledge, Skills, Experience and Abilities:
• Penetration testing principles, tools (Kali etc), and techniques (e.g., metasploit, neosploit, etc.), and the ability to identify systemic security issues based on the
analysis of vulnerability and configuration data.
• Understanding of how traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System, Interconnection Model
(OSI), Information Technology Infrastructure Library, v3 (ITIL)),
• System and application security threats and vulnerabilities,
• Network protocols such as TCP/IP, Dynamic Host Configuration (DHC), Domain Name System (DNS), and directory services,
• System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert
channel, replay, return-oriented attacks, and malicious code),
• General attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering
• Network access, identity and access management (e.g., Public Key Infrastructure (PKI)
• Network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth),
• Information Assurance (IA) principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
• Assessing the robustness of security systems and designs,
• Use of social engineering techniques,
• Applying host/network access controls (e.g., access control list),
• Using network analysis tools to identify vulnerabilities,
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data
• Education: Bachelor of Science degree (or a post-graduate degree) in Computer Science, Information Assurance, Information Systems, Network/Cybersecurity, or
IT related field.
• Penetration Tester and Security Certifications (CEH, OSCP, CISSP, CISM)
Central Business Solutions, Inc,
37600 Central Ct.
Newark, CA 94560.
Central Business Solutions, Inc(A Certified Minority Owned Organization)
Checkout our excellent assessment tool: http://www.skillexam.com/
Checkout our job board : http://www.job-360.net/
Central Business Solutions, Inc
37600 Central Court Suite 214 Newark CA, 94560
Phone: (833)247-8800 Fax: (510)-740-3677