Sr. Penetration Testing Analyst
Senior Penetration Testing Analyst who provides subject matter expertise in Penetration Testing of Web Applications, Infrastructure and Network, Wireless and Social Engineering. Provides enhanced vulnerability analysis and contextual feedback to stakeholders for resolution of discovered vulnerabilities. Responsible for communicating with the stakeholders at every stage of the penetration testing activity to negotiate the rules of engagement, develop the engagement plan, brief and advice on vulnerabilities discovered, and manage the delivery of the final report and briefings at the executive level.
- Responsible for monitoring and coordinating the activities of up to 8 contractor personnel and oversight of multiple assessments.
- Develop and maintain standard operating procedures, rules of engagement and status reporting of each assessment.
- Contribute to the development and overall strategy of the Penetration Testing program.
- Coordinate and evaluate vendors and associated products/tools in facilitating the Penetration Testing initiatives.
- Recommend exploitation techniques and threat vectors to explorer before and during assessment activities.
- Utilize social engineering techniques in person, over the phone, or in e-mail to gain and maintain access to information systems.
- Develop and support the negotiation of Rules of Engagement with stakeholders for all assessments.
- Provide assessment results to Senior Staff at the executive level.
- Provide detailed advisory support on vulnerabilities and the associated risk, and provide viable options to close or mitigate the risk to stakeholders.