Skip navigation
Penetration Tester
Apply Now

Penetration Tester

Job Snapshot

Employment Type Full-Time
Job Type Information Technology
Education Not Specified
Experience Not Specified
Manages Others Not Specified
Industry Security, Consulting
Required Travel Not Specified

Job Description

Do all their base belong to you?

If you can teach us something new, come join our team of smart folks.  Show our clients and partners how you can break into computer systems and share tips on how to secure them.

Responsibilities:

  • Penetration testing (ethical hacking) applications and network environments
  • Writing test and penetration plans and documenting your results
  • Performing reconnaissance and network surveys to map your targets
  • Researching tools and security exploits
  • Consulting with clients on high-level strategic initiatives as well as highly-technical and detailed regulatory compliance projects
  • Learning the tricks of the trade from experienced mentors
  • Blogging about your new security finds
  • Be proficient with all the usual suspects:
    • Windows and Unix/Linux operating systems
    • Web applications and services
    • Firewall, IPsec and SSL VPNs, IDS/IPS, WLANs
    • Database design, implementation and management
    • Cryptography, ciphers and key management
    • Commercial and open source security tools (e.g., Nessus, Nmap, Netcat, Web Inspect, Metasploit, Cain, Wireshark, VMware, run-live distros, ...)
    • Scripting (Ruby, Python, PowerScript, JavaScript) and application development skills are distinguishing factors; if you can write your own tools, even better
  • Be prepared to maintain your proficiency; you'll need to:
    • Keep up-to-date with tools, countermeasures, threats and technologies
    • Share your knowledge and mentor new team members and peers
    • Develop and refine tools, templates and methodologies
  • Be able to interpret vulnerabilities, identify weaknesses, exploit them and escalate your access; we don't just run tools and slap on a cover sheet

    Job Requirements


    Requirements:

    • Have previous auditing/consulting or penetration testing experience
    • Own more than one black t-shirt
    • Have managed networks and systems for both Windows and Unix platforms (even if it's the half-dozen systems stored under your bed)
    • Know general information security principles
    • Have coding and scripting experience (Ruby and Python are a plus, but are not required)
    • Have tried to exploit security holes and then fix them, but only on your own systems
    • Be able to communicate technical information to C-level, highly-technical and non-technical audiences alike
    • Write good and speak gooder


    Bonus Points If You:

    • Are professionally, or willing to get, certified (while certifications don't indicate competence, they do reflect professionalism and a minimum knowledge level) in any of the following:
      • Security and IT certifications (e.g., CISSP, GIAC, CISA, CEH)
      • Technical certifications (e.g., MCSE, CCNA, etc.)
      • Related industry certifications (e.g., QSA, PA-QSA)
    • Have payment card industry (PCI DSS, PA-DSS, P2PE Payment Card Industry Point-to-Point Encryption, PFI), financial (GLBA, SOX, SSAE 16) or health care (HIPAA/HITECH) experience
    • Are fluent in Spanish or other languages and interested in traveling internationally to help us service our growing base of international customers
    • Are a member of a professional industry group (e.g., InfraGard, OWASP)

    If you like to break into your own systems and you're a quick learner, you'll fit in well. We'll make sure your techniques are in line with ours.

    If you've broken into someone else's system without authorization, please don't bother to apply.


    Company Overview:

    Sikich LLP is a nationally-ranked top 40 public accounting and consulting firm. Working at Sikich, you’ll become part of a highly motivated and competent team that values individual effort and growth while encouraging balance between your personal and work life. We recognize that our people are our most valuable asset—our employees drive our success.

    As the security and compliance division of Sikich, we are a highly-technical group specializing in performing compliance audits, computer security assessments, penetration tests and computer forensic investigations. We are an Approved Scanning Vendor (ASV), a Qualified Security Assessor (QSA), a Payment Application Qualified Security Assessor (PA-QSA), a QSA and PA-QSA for Point-to-Point Encryption (QSA (P2PE) and PA-QSA (P2PE)) and a PCI Forensic Investigator (PFI) certified to perform the requirements of the Payment Card Industry Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS).

    Sikich is honored to have been named a Top Workplace by the Chicago Tribune and recognized nationally as a Best and Brightest Company to Work For. If you're looking to take your career to the next level, learn more about Sikich—and the possibilities for you. Visit us as sikich.com/careers

    Working for Sikich:

    We recognize that our people are our most valuable asset—our employees drive our success. That’s why Sikich believes in empowering our people with real-time career development, offering diverse and challenging work, and providing solid growth opportunities. We're always looking for talented people to join our team. If you have a let’s get down to business, roll up your sleeves mindset, then Sikich is the place for you.

    Benefits include:

    • Major Medical and Dental Insurance
    • 401k Match
    • Flexible Spending Accounts
    • Paid Exam Costs for Professional Certifications
    • Tuition Reimbursement
    • Flexible Work Schedule
    • Paid Paternal & Adoption Leave
    • Business Casual Dress Code
    • Employee Assistance Program
    • Fitness Reimbursement

    To apply for this position, please submit your cover letter and resume to [Click Here to Email Your Resumé]


    View More Job Details

    SIMILAR JOBS

    Software Engineer Robert Half Technology
    Ref ID: 04600-121816 Classification: Software Engineer Compensation: DOE On...
    Can you bend spoons with your mind? If you have the wisdom and experience t...
    Web Developers (10) Apex Systems
    Apex Systems is looking for 10+ Developers in Brookfield, WI!!!! Our great ...
    Systems Support Analyst Collabera Inc.
    ***************************************************************************...
    Position: Computer Forensic Examiner Service Area: Technology Location: Any...
    CareerBuilder Tip:
    For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

    By applying to a job using CareerBuilder.com you are agreeing to comply with and be subject to the CareerBuilder.com Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.

    Penetration Tester


    Enter notes about this job:

    Cancel