Fulltime Penetration Tester openings in Chicago, United States on September 18, 2022

ProductSecurityEngineer at Enova Financial

Location: Chicago

About the role:

This is a hands-on role requiring in-depth knowledge of software security principles. You will be responsible for enabling security testing and enforcement across Enova Products. You will be responsible for prioritization and implementation of various DevSecOps projects and Tech initiatives which spans across all of Enova Products. In addition, you will be responsible for conducting application static code reviews, dynamic security assessments, secure architecture reviews. You will be expected to have a can-do attitude and work independently to drive solutions. Enova’s Security Engineering team designs, implements, and administers the tools and mechanisms involved with providing end to end IT security for Enova.

What you’ll be doing:
• Be a DevSecOps Evangelist.
• Conduct code reviews and security testing for new projects and initiatives
• Knowledge of Integrating Security Testing into the CI/CD Pipeline.
• Expertise in API Security testing.
• Automate security testing and embed security testing into the SDLC.
• Collaborate with architects, product managers, and other teams to deliver high quality secure product
• Provide and Guide Secure Architecture Reviews.
• Perform internal/external application penetration tests.
• Lead projects independently while working collaboratively with the team to ensure its success.
• Run annual application security training for software developers.

We’re excited about you if you have:
• Experience with security testing tools such as Kali, Metasploit, Burp Suite, OWASP ZAP, etc.
• Proficiency with application pen testing and vulnerability assessments
• Experience with OWASP security concepts and discovering vulnerabilities such as XSS, XSRF, SQL Injection, Cookie Manipulation, etc.
• Understanding of static code analysis products

An ideal candidate may also have:
• Experience with Python, Go, Java, Ruby, JavaScript, PostgreSQL, React etc.
• Experience in Container security and cloud security/architecture patterns.
• OSCP, OSWE, SANs, AWS Security Speciality Certification, Certified Kubernetes Security Specialist (CKS).
• Experience with threat modeling and attack surface design
Apply Here
For Remote ProductSecurityEngineer roles, visit Remote ProductSecurityEngineer Roles

********

Web Application Penetration Testing​/Cloud Assessments​/Security Engineer at Request Technology, LLC

Location: Chicago

Position: Web Application Penetration Testing / Cloud Assessments / Security Engineer

-NO SPONSORSHIP

Web Application Penetration Testing / Security Engineering

Looking for a candidate to perform cloud assessments, web application penetration testing, mobile application testing, network and operating system assessments. AWS Services automation Lambda JSON Dev Ops Pipelines Git Hub Repos Hashcorp Product line terraform sentinel and hashi coding

Responsibilities:
• To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
• Perform cloud assessments, web application penetration testing, mobile application testing, network and operating system assessments
• Perform independent reviews of security, network, applications, and cloud environments
• Plan/Design/Execute security related activities with automation as the primary driver to align with security strategy and vision
• Produce artifacts for various levels of leadership and staff relating to security related activities
• Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices
• Assist management with the improvement of policy and procedure to support Cloud Security Engineering activities as well as other security duties which may arise
• Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends
• Continue to support, grow, and assist development current processes and tools

Qualifications :
• The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
• Requires an in-depth knowledge of security controls and standards in relation to Cloud Security, Architecture, and Security Testing.
• Ability to manage and execute on multiple intricate projects with strict deadlines while maintaining best in class work.
• Ability to functionally serve as a primary point of contact across multiple teams within the organization and to lead projects for the entirety of the lifecycle.
• Architectural understanding and expertise of cloud and hybrid cloud infrastructure

Technical

Skills:
• Experience with AWS Services including automation services (Lambda, JSON, etc…)
• Experience with Dev Ops Pipelines and Git Hub Repos
• Experience with Hashi Corp Product line to include Terraform, Sentinel and Hashi Coding Language (HCL) for automated deployment of security tools and services

Education and/or

Experience:
• Five years’

Experience with Cloud Security Engineering activities and testing
• Three years’ experience with Dev Ops processes
• Three years’ experience with AWS architecture and services

Certificates or Licenses:
• Certification in at least one or more of the following:
• AWS Certified Solutions Architect
• AWS Certified Security Specialty
• Hashi Corp Terraform Associate
• Certification Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• GIAC Cloud Security Essentials (GCLD)
• GIAC Cloud Security Automation (GCSA)
• GIAC Defensible Security Architecture (GDSA)

-NO SPONSORSHIP

Web Application Penetration Testing / Security Engineering

Looking for a candidate to perform cloud assessments, web application penetration testing, mobile application testing, network and operating system assessments. AWS Services automation Lambda JSON Dev Ops Pipelines Git Hub Repos Hashcorp Product line terraform sentinel and hashi coding

Responsibilities:
• To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
• Perform cloud assessments, web application penetration testing, mobile application testing, network and operating system assessments
• Perform independent reviews of security, network, applications, and cloud environments
• Plan/Design/Execute security related activities with automation as the primary driver to align with security strategy and vision
• Produce artifacts for various levels of leadership and staff relating to security related activities
• Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices
• Assist management with the improvement of policy and procedure to support Cloud Security Engineering activities as well as other security duties which may arise
• Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends
• Continue to support, grow, and assist development current processes and tools

Qualifications :
• The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
• Requires an in-depth knowledge of security controls and standards in relation to Cloud Security, Architecture, and Security Testing.
• Ability to manage and execute on multiple intricate projects with strict…
Apply Here
For Remote Web Application Penetration Testing​/Cloud Assessments​/Security Engineer roles, visit Remote Web Application Penetration Testing​/Cloud Assessments​/Security Engineer Roles

********

Financial Services Penetration Testing Senior Consultant at Crowe

Location: Chicago

Your Journey at Crowe Starts Here:

At Crowe, you have the opportunity to deliver innovative solutions to today’s complex business issues. Crowe’s accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a “Best Place to Work.” We are 75 years strong and still growing. Come grow with us!

Job Description:
At Crowe, you have the opportunity to deliver innovative solutions to today’s complex business issues. Crowe’s accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a “Best Place to Work.” We are 75 years strong and still growing. Come grow with us!

Job Summary
Join our Consulting Digital Security and Financial Crime practice to lead our markets and the clients we serve within the financial services industry. From day one of your career, you will collaborate with our clients to transform their digital security programs. We will enable an entrepreneurial and innovative environment for you to deliver transformative risk consulting services and to develop deeply specialized skill sets demanded in today’s market.

For nearly 20 years, Crowe has been the leader in providing digital security and financial crime service to the financial community. We are a diverse, innovative, and driven group that operates across the country. We collaborate with the leading providers and organizations in financial services to bring our clients leading solutions.

Why we exist
To better enable our clients to realize their purpose by helping them to optimally achieve their goals.

How we serve
We bring the best of our authentic selves, working as a diverse team, to achieve our highest potential in serving our clients.

What we offer
We provide innovative and high value solutions, by dedicated individuals, who are passionate about helping our clients to enable their own success.

As a member of our collaborative team, you will be working alongside experts in the security field to protect our clients from threats and vulnerabilities and assist them with their complex security needs. We will enable an entrepreneurial and innovative environment for you to deliver transformative security consulting services and to develop deeply specialized skill sets demanded in today’s market.

The Penetration Testing Senior Consultant will be responsible for planning and executing cybersecurity projects. This position will work directly with other project leads, managers, and/or executives to communicate business and technical aspects of the work being performed.

The Penetration Testing Senior Consultant will conduct Internal and External Penetration Assessment, as well as execute Cybersecurity Assessments, including but not limited to the following areas and responsibilities:
• Perform Penetration Assessments against internal and external corporate networks
• Perform network reconnaissance activities and acquire OSINT to support engagements
• Identify vulnerabilities within Windows Active Directory and perform exploits to acquire related information or credentials
• Execute local system privilege escalation attacks on Windows Systems
• Perform network-based attacks
• Microsoft SQL database exploitation
• Stay up to date with the latest vulnerabilities and exploits
• Client delivery – Technical lead on client engagements
• Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively
• Execute cybersecurity engagements independently and/or within a collaborative team at a high level
• Generate ideas for new cybersecurity solutions aligned with our clients evolving needs
• Attend and present at cybersecurity conferences
• Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the project
• Submit recommendations to the project manager for corrective action or to support a recommended approach to solving the client’s needs

Qualifications
• Bachelor’s degree strongly preferred, candidates must possess significant analytical skills, which likely evolved from early academic training in Cybersecurity, Information Systems, Computer Science, or similar discipline.
• Minimum 2-4 years of business experience in the areas of Information Security
• CISSP, OSCP, CREST Penetration Testing, or equivalent certification preferred
• Experience performing Penetration Assessments against internal and external corporate networks
• Familiarity with various attack frameworks such as MITRE ATT&CK
• Experience performing network-based attacks such as protocol abuse and redirection attacks
• Familiarity with Microsoft SQL database functionality and exploitation
• Familiarity with evading malicious code detection solutions
• Experience within consulting or professional services, or at leading industry public companies is preferred
• Strong writing and interpersonal communication skills
• The ability to handle multiple projects concurrently
• Ability to lead execution teams for various projects
• Experience working with financial services companies strongly preferred

Technology Skills Preferred
• Microsoft Windows and Kali Linux
• Microsoft Active Directory and Group Policy
• Network architecture and protocols: TCP, UPD, IP, HTTP(S), DNS, NetBIOS, LLMNR, SMB, SSH, IPSec, EIGRP, OSPF, BGP, TLS, and others
• Microsoft SQL Server, VMware, Azure, AWS
• Penetration Testing tools: Burp, Nmap, Metasploit, Empire, Cobalt Strike, and others
• Intrusion Detection, Intrusion Prevention, Security Information and Event Management solutions
• Cryptographic tools, suites, and algorithms

Travel requirements may be up to 50%. However, they are currently extremely limited due to the current environment. Expected travel will be approximately 20 – 30%.

#LI-Remote

#Indeed

Our Benefits:

At Crowe, we know that great peopleare what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Crowe can mean for you!

How You Can Grow:

We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!

More about Crowe:

Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country’s best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.

Crowe LLP provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
Apply Here
For Remote Financial Services Penetration Testing Senior Consultant roles, visit Remote Financial Services Penetration Testing Senior Consultant Roles

********

Ethical Hacking Engineer at UnitedHealth Group

Location: Chicago

As part of the Cyber Defense (CD) organization, the Ethical Hacker role is responsible for executing CD strategy for UnitedHealth Group and its affiliates through penetration testing, incident support, and subject matter expertise. The portfolio of services includes ethical hacking, penetration testing, and the related technologies and processes that enable the team functions to run at scale within a large, heavily segmented Fortune 5 company.

Primary Responsibilities:
• Work as part of an agile penetration testing team, empowered to execute objectives in a thorough and timely fashion
• Conduct vulnerability assessments on a wide variety of technologies and implementations utilizing both automated tools and manual techniques
• Application penetration tests (web, mobile and thick client)
• Network penetration tests
• API penetration tests
• Container Penetration tests
• Effectively communicate successes and obstacles with fellow team members and team lead(s)
• Create written reports, detailing assessment findings and recommendations
• Interface with customer contact(s) and staff in a constructive and professional manner
• Have exposure to advanced testing specialties: containerization, automation, wireless/IoT, exploit development, hardware and/or mainframe environments
• Ethically operate with appreciable latitude in developing methodology and applying it in the field
• Research and analyze known hacker methodologies, system exploits, and vulnerabilities to support methodology development and execution
• Ability to communicate clearly and effectively through oral or written communication with all levels in the organization
• Ability to initiate, design, execute, complete, and provide metrics on projects independently with minimal direction
• Support cross-team efforts to address systemic risks across the business
• Conduct business/risk portfolio research and test planning work that encompasses holistic testing efforts
• Collaborate with peer team to become a force multiplier through engagement, education, training, etc.
• Adapt and adjusts delivery model with agility based on the needs of the business, customer, and evolving security trends

Qualifications
• 3 or more years of experience in penetration testing, or 3 or more years of experience of Red Team testing
• Demonstrated technical expertise with network, cloud, and web application penetration testing
• Experience with one or more assessment and exploitation tools including:
• Kali Linux
• Metasploit
• Burp Suite Pro
• NMAP
• Proficiency in at least one scripting language (Perl, Python, Bash, PowerShell, VBA, etc)

Preferred Qualifications:
• Penetration testing certification (PenTest+, CEH, etc)
• Experience in Mainframe application and platform penetration testing
• Experience in PCI penetration testing
• Experience with threat modeling
• Undergraduate degree or equivalent experience

To protect the health and safety of our workforce, patients and communities we serve, UnitedHealth Group and its affiliate companies require all employees to disclose COVID-19 vaccination status prior to beginning employment. In addition, some roles and locations require full COVID-19 vaccination, including boosters, as an essential job function. UnitedHealth Group adheres to all federal, state and local COVID-19 vaccination regulations as well as all client COVID-19 vaccination requirements and will obtain the necessary information from candidates prior to employment to ensure compliance. Candidates must be able to perform all essential job functions with or without reasonable accommodation. Failure to meet the vaccination requirement may result in rescission of an employment offer or termination of employment.

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people’s lives. This is where it’s happening. This is where you’ll help solve the problems that have never been solved. We’re freeing information so it can be used safely and securely wherever it’s needed. We’re creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life’s best work.SM

All Telecommuters will be required to adhere to UnitedHealth Group’s Telecommuter Policy.

Colorado, Connecticut or Nevada Residents Only: The salary range for Colorado residents is $79,700 to $142,600. Pay is based on several factors including but not limited to education, work experience, certifications, etc. As of the date of this posting, In addition to your salary, UHG offers the following benefits for this position, subject to applicable eligibility requirements: Health, dental, and vision plans; wellness program; flexible spending accounts; paid parking or public transportation costs; 401(k) retirement plan; employee stock purchase plan; life insurance, short-term disability insurance, and long-term disability insurance; business travel accident insurance; Employee Assistance Program; PTO; and employee-paid critical illness and accident insurance.

Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.
Apply Here
For Remote Ethical Hacking Engineer roles, visit Remote Ethical Hacking Engineer Roles

********

Pentesting Consultant at Crowe

Location: Chicago

Your Journey at Crowe Starts Here:At Crowe, you have the opportunity to deliver innovative solutions to today’s complex business issues. Crowe’s accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a “Best Place to Work.” We are 75 years strong and still growing. Come grow with us!Job Description:Joining our Consulting Financial Services practice is an opportunity to join a dynamic and growing practice which has a passion for serving clients and our community. From day one of your career, you will assist our clients to transform their governance, embed risk in their decision-making, and arm them with insights that will make them stronger. We will enable an entrepreneurial and innovative environment for you to deliver transformative consulting services and to develop deeply specialized skill sets demanded in today’s market. The Pentesting Testing Consultant will be responsible for providing their penetration testing knowledge to execute cybersecurity projects and deliver high quality work to our clients. This role will also conduct Internal and External Penetration Assessment, as well as execute Cybersecurity Assessments, including but not limited to the following areas and responsibilities: Perform Penetration Assessments against internal and external corporate networks Comprehension of potential performance impact vulnerability exploitation may have on a production environment Perform network reconnaissance activities and acquire OSINT to support engagements Identify vulnerabilities within Windows Active Directory and perform exploits to acquire related information or credentials Execute local system privilege escalation attacks on Windows Systems Perform network-based attacks Microsoft SQL database exploitation Evade malicious code detection solutions during advanced engagements Stay up to date with the latest vulnerabilities and exploits Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the Project. Submit recommendations to client for corrective action or to support a recommend approach to solving the client’s needs. Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively. Generate ideas for new cybersecurity solutions aligned with our clients evolving needs Qualifications Bachelor’s degree required, candidates must possess significant analytical skills, which likely evolved from early academic training in Cybersecurity, Information Systems, Computer Science, or similar discipline Minimum 1+ years of business experience in the areas of Information Security Financial Services experience strongly preferred CISSP, OSCP, CREST Penetration Testing, or equivalent certification preferred Experience performing Penetration Assessments against internal and external corporate networks Experience performing network reconnaissance activities and acquiring OSINT Familiar with various attack frameworks such as MITRE ATT&CK Experience with Windows Active Directory and related exploits/misconfigurations Familiarity with network and system pivoting techniques Experience performing local system privilege escalation on Windows Systems Experience performing network-based attacks such as protocol abuse and redirection attacks Familiarity with Microsoft SQL database functionality and exploitation Familiarity with evading malicious code detection solutions Experience within consulting or professional services, or at leading industry public companies is preferred Prior experience supervising junior level resources in the areas of Information Security Strong writing and interpersonal communication skills The ability to handle multiple projects concurrently This position requires a minimum of 30% travel Technology Skills Preferred Network Security Practices: Auditing, planning, design, implementation, testing, and management Microsoft Windows and Kali Linux Microsoft Active Directory and Group Policy Network architecture and protocols: TCP, UPD, IP, HTTP(S), DNS, NetBIOS, LLMNR, SMB, SSH, IPSec, EIGRP, OSPF, BGP, TLS, and others Microsoft SQL Server, VMware, Azure, AWS Penetration Testing tools: Burp, Nmap, Metasploit, Empire, Cobalt Strike, and others Intrusion Detection, Intrusion Prevention, Security Information and Event Management solutions Cryptographic tools, suites, and algorithms Build a Successful Future in ConsultingAt Crowe, Consulting professionals provide thought leadership, process expertise, technology insight and help clients identify, assess, evaluate, and reduce risks. Our Consulting professionals serve large organizations across many industries in an environment where innovation and new ideas are highly encouraged. Through various programs, we provide you with learning and reinvention through high-impact formal and systemic training, including industry, solution, technology, and consulting training, as well as certification. You will be part of a strong global team environment with a fast-paced, challenging, and collaborative setting. #LI-remote#Indeed Our Benefits:At Crowe, we know that great people are what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Crowe can mean for you!How You Can Grow:We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!
Apply Here
For Remote Pentesting Consultant roles, visit Remote Pentesting Consultant Roles

********

Sales Specialist – Central US at IsoPlexis Healthcare Corp

Location: Chicago

• Sales Specialist – Central US
• Personalized immunotherapies are the future of the fight against cancer, and IsoPlexis (www.
• isoplexis.com) is Making the Difference in enabling the lofty goal of employing immunotherapies to combat our toughest diseases.
• Our integrated systems, named #1 Innovation by Scientist Magazine & World-Leading Design by Red Dot, are changing cancer research by connecting biological readouts to what is actually happening in patients.
• Our game changing hardware technologies, originally from Cal Tech and Yale, combined with our next generation software and data visualizations, are powered by our amazing R&D team and used throughout the world.
• We work with a growing list of leading researchers who are publishing findings that connect our readouts to what is truly happening in patients, and that excites & drives all of us to do more!
• If you like working at the intersection of biological sciences and healthcare, and you enjoy intellectually challenging yet fulfilling projects, give us a call.
• Our fast growing team has a sense of integrity, energy, and urgency to ‘make things happen’ in our collective careers and in the broader world, and we look forward to talking.
• IsoPlexis is welcoming self-motivated, high energy biologists with FAS experience who are looking for career growth working with cutting edge technology, to apply today!
• Pitch IsoPlexis to our customer base on our new and exciting products and publications that have been released.
• Define game plan for your territory’s customers, identify key influencers and purchasing PIs for each opportunity.
• Responsible for selling IsoPlexis instruments and consumables in translational institutions and biopharma; Achieve annual sales quota, and close key accounts.
• Partner with customers, focus on opportunities, key influencers and decision makers to ensure swift revenue generation and deals closing.
• Self-manage time and resources efficiently to perform all responsibilities associated with customers, while maintaining salesforce.com and other internal processes (training, weekly reviews, etc
• Collect data and assist Isoplexis Marketing/Communication team with the development of marketing materials.
• Communicate all relevant customer information including product and/or customer experience or opportunities to Field Sales, Marketing, Internal Consulting Group and Technical Support.
• Including keeping CRM up to date with customer information and interactions
• Cross collaborate with Field Application Scientists, Field Service Engineers, and other Isoplexis support teams to ensure an exceptional customer experience from beginning to end
• Travel approximately 50% of the time
• Desire to thrive in a light-speed start-up environment and maintain an entrepreneurial mindset
• 5+ sales experience required
• Industry experience selling large ticket items and understanding and navigating the procurement process to such purchases
• Experience selling capital equipment a plus
• Degree in the scientific field a plus
• Technical sales background.
• Biomedical or biotechnology industry background is a plus
• Ability to handle multiple tasks and meeting short-notice deadlines, with daily reprioritization of work
• Collaborative / Team Player
• Commitment to quality
• ISOPLEXIS is only considering applicants who have valid authorization to work in the U.S., in this position, for the Company.
• ISOPLEXIS does not sponsor employment-based visas for this position.
• Job Type: Full-time
Apply Here
For Remote Sales Specialist – Central US roles, visit Remote Sales Specialist – Central US Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo