Full-Time Offensive Security Consultant

An Offensive Security Consultant at Eide Bailly is a highly skilled, consultative penetration tester capable of performing in-depth network and application assessments as well as social engineering. This position works both independently and as a part of a team to provide maximum value as to Eide Bailly’s customer base.

As an Offensive Security Consultant you will contribute to the overall success of the team and the development of the services and practices within the Cybersecurity Team. You understand the technical and non-technical issues and challenges our clients are facing and use this knowledge and your experience to identify weaknesses and provide remediation guidance and solutions that align to each organization's objectives and needs.

A typical day may include:

• Effectively deliver offensive security assessments of internal/external networks, web applications, social engineering (phishing/vishing/SMShing/physical), Wireless Security Assessments, and Hardware security assessments.
• Clearly Document and deliver reports to clients in a presentation format and fluently talk through the risks of each vulnerability and the pertaining remediation guidance
• Chain vulnerabilities and utilized know/developed code to exploit vulnerabilities to determine severity and priorities of the assessment findings
• Research, develop, and test new concepts to find bugs and vulnerabilities throughout different software/hardware/operating systems and work with Eide Bailly to responsibly disclose any findings.
• Review and provide Quality Assurance of others reports prior to sending to clients
• Document and publish any research of new tools and tactics developed internally
• Manage and maintain offensive security lab and equipment.
• Cultivate new and existing client relationships to identify technology and security opportunities with clients and prospects based on business and technology conversations
• Assist in developing Statements of Work by defining scope, approach and estimated work effort to support our clients' needs
• Provide technical mentorship and leadership to grow technical staff knowledge and experience
• Maintain awareness of technology trends and issues to apply that knowledge to client issues and solutions.
• Apply advanced subject matter knowledge to complex security and technology issues
• Assist is cross functional delivery of services including Incident Response and cybersecurity assessments.

Minimum Qualifications:

• Minimum two (2) years of experience performing Vulnerability Assessments, Penetration Tests, Wireless Security Assessments, Web Application Assessments and/or Social Engineering across multiple clients.
• Minimum three (3) years of experience in a consulting services role, or related information security positions
• Bachelor's degree in computer science, management information systems, infrastructure security or related area of study preferred or related experience and training
• Security and Technical industry certifications a plus (CISSP, OSCP, OSCE, CEH, GPEN)
• In Depth Experience with penetration testing tool stack (i.e. Nessus, OpenVas, Qualys, Burp, Nmap, Kali, Metasploit, Meterpreter, Wireshark, etc.)
• Knowledge of programming languages (i.e. Python, Ruby, C/C++, etc.) for review and creation of security tools
• Deep knowledge of penetration testing methodologies

What is the last date for applying to the job?

Which countries are accepted for this remote job?