Skip navigation
Penetration Tester

Penetration Tester

Job Description

Position:                       Penetration Tester


Service Area:               Technology


Location:                     Any Sikich Office



Job Description:

We are currently seeking a Penetration Tester for our security and compliance division, to be based out of any Sikich office.


If you can teach us something new, come join our team of experts. Show our clients and partners how you can break into computer systems and share tips on how to secure them.


Responsibilities:


  • Penetration test servers, networking devices, web applications, wireless networks, physical security control systems and sometimes even people
  • Write test plans and document results
  • Perform reconnaissance and discovery to map targets
  • Conduct social engineering activities such as phishing, pretext calling and in-person pretexting
  • Research tools and security exploits
  • Consult with clients on high-level strategic initiatives as well as highly-technical and detailed regulatory compliance projects
  • Learn the tricks of the trade from experienced mentors
  • Share knowledge and mentor new team members and peers
  • Blog about new security finds

Job Requirements


Requirements:

 

  • Proficiency with:
    • Windows and Unix/Linux operating systems and command lines
    • Web applications and services
    • Networking principles
    • Firewalls, IDS/IPSes, IPsec and SSL VPNs
    • Wireless protocols, security and attack vectors
    • Database design, implementation and management
    • Cryptography, ciphers and key management
    • Commercial and open source security tools (e.g., Nessus, Nmap, Metasploit, Web Inspect, Wireshark, Backtrack/Kali Linux, Burp Suite, ...)
    • Scripting (Shell, Ruby, Python, PowerShell, JavaScript) and application development skills are distinguishing factors; if you can write your own tools, even better
    • Automating routine tasks
    • Willingness to maintain your proficiency by:
      • Keeping up-to-date with attack vectors, tools, countermeasures, threats and technologies
      • Developing and refining tools, templates and methodologies
      • Self-teaching new ideas as you encounter them
      • Knowledge of information security principles
      • Comfort with presenting security concepts or findings to both highly-technical and entirely non-technical audiences
      • Ability to:
        • Analyze vulnerabilities and find, create or modify proof of concept exploits to attack targets
        • Write and speak exceptionally well


Desired:


  • Experience with:
    • Performing penetration testing or auditing/consulting
    • Managing networks and systems for both Windows and Unix platforms
    • Familiarity with the payment card (PCI DSS, PA-DSS, P2PE, PFI), financial (GLBA, SOX, SSAE 16), health care (HIPAA/HITECH) or higher education industries
    • Willingness to get certified in any of the following:
      • Security and IT certifications (e.g., CISSP, OSCP, GPEN, GWAPT, CISA)
      • Technical certifications (e.g., MCSE, CCNA, RHCE, etc.)
      • Related industry certifications (e.g., QSA, PA-QSA)
      • Membership in relevant professional organizations like OWASP, InfraGard, ISSA or the like
      • Fluency in Spanish
      • Ability to:
        • Travel domestically and internationally
        • Pass a federal background check


Company Overview:

Sikich LLP is a nationally-ranked top 40 public accounting and consulting firm. Working at Sikich, you’ll become part of a highly motivated and competent team that values individual effort and growth while encouraging balance between your personal and work life. We recognize that our people are our most valuable asset—our employees drive our success.


As the security and compliance division of Sikich, we are a highly-technical group specializing in performing compliance audits, computer security assessments, penetration tests and computer forensic investigations. We are an Approved Scanning Vendor (ASV), a Qualified Security Assessor (QSA), a Payment Application Qualified Security Assessor (PA-QSA), a QSA and PA-QSA for Point-to-Point Encryption (QSA (P2PE) and PA-QSA (P2PE)) and a PCI Forensic Investigator (PFI) certified to perform the requirements of the Payment Card Industry Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS).


Sikich is honored to have been named a Top Workplace by the Chicago Tribune and recognized nationally as a Best and Brightest Company to Work For. If you're looking to take your career to the next level, learn more about Sikich—and the possibilities for you. Visit us as sikich.com/careers


Working for Sikich:

We recognize that our people are our most valuable asset—our employees drive our success. That’s why Sikich believes in empowering our people with real-time career development, offering diverse and challenging work, and providing solid growth opportunities. We're always looking for talented people to join our team. If you have a let’s get down to business, roll up your sleeves mindset, then Sikich is the place for you.


Benefits include:


  • Major Medical and Dental Insurance
  • 401k Match
  • Flexible Spending Accounts
  • Paid Exam Costs for Professional Certifications
  • Tuition Reimbursement
  • Flexible Work Schedule
  • Paid Paternal & Adoption Leave
  • Business Casual Dress Code
  • Employee Assistance Program
  • Fitness Reimbursement


To apply for this position, please submit your cover letter and resume to [Click Here to Email Your Resumé]



Job Snapshot

Employment Type Full-Time
Job Type Information Technology
Education Not Specified
Experience Not Specified
Manages Others Not Specified
Industry Security, Consulting
Required Travel Not Specified
CareerBuilder Tip:
For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder.com you are agreeing to comply with and be subject to the CareerBuilder.com Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.

Penetration Tester


Enter notes about this job:

Cancel