---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Penetration Engineer
Location: Milwaukee, Wisconsin, United States
Type: Permanent F/T
Closing Date: 2007-12-08
403 Labs (www.403labs.com) is a young innovative information
security consulting company adding on to our core team of
talent. Enjoy a casual work environment and a flexible
schedule while you help us impress and build our portfolio
of nation-wide and international clients.
We're looking for an enthusiastic technical expert to
perform network and application penetration testing. You'll
be required to write test and penetration plans as well as
verbalize and document your results for technical and
non-technical audiences.
JOB REQUIREMENTS
---------------------------------------------------
We'll expect you to:
* Be proficient with all the usual suspects:
-- Windows and Unix/Linux operating systems
-- Web applications and services
-- Firewall, IPSEC and SSL VPNs, IDS, WLANs
-- Database design, implementation, and management
-- Cryptography, ciphers, and key management
-- Commercial and open source security tools (e.g., Nessus,
Nmap, Netcat, Web Inspect, Metasploit, Cain, Wireshark,
VMware, run-live distros, ...)
-- Scripting (vbscript, javascript, perl, ruby) and
application development skills are distinguishing factors;
if you can write your own tools, even better
* Be prepared to maintain your proficiency; you'll need to
keep up to date with tools, countermeasures, threats and
technologies, share your knowledge and mentor new team
members and peers, and develop and refine tool s, templates
and methodologies
* Be able to interpret vulnerabilities, identify weaknesses,
exploit them, and escalate your access; we don't just run
tools and slap on a cover sheet
You must:
* Rock
* Be able to work on multiple concurrent projects
* Be an independent and creative thinker, yet still work
well as a team
* Own more than one black t-shirt
* Enjoy working via the command line
While certifications don't indicate competence, they do
reflect professionalism and a minimum knowledge level.
You'll get a gold star in any of the following:
* CISSP (or willingness to get certified)
* Other security and IT certifications (e.g., GIAC, CISA,
CEH)
* Technical certifications (e.g., MCSE, CCNA, etc.)
* Financial and Payment Card Industry (PCI) experience
* Related industry certifications (QSA, QPASP)
If you demonstrate your expertise and can make an impact,
you'll be able to define your own position. If you're
equally proficient in other security services, there will be
plenty of opportunities to provide existing or develop new
client offerings. You'll also have the ability to
participate in other business growth opportunities such as
sales, client management, industry presentations, trade
shows, whitepapers and exploit advisories.
If you like to break into your own systems and you're a
quick learner, you'll fit in well. We'll make sure your
techniques are inline with ours.
If you've broken into someone else's system without
authorization, please don't bother to apply.
U.S. citizenship required.
CONTACT
---------------------------------------------------
Please forward a copy of your resume, cover letter with
salary requirements and a reason to hire you to careers [at]
403labs [dot] com.
403 Labs, LLC
HR Department
careers 403labs.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.security
focus.com/jobs
|