Withum is looking for a Penetration Tester in Washington – Apply Here!

Deal Score0
Deal Score0

Looking to work at a firm that encourages a work life balance?

Withum is a forward-thinking, technology-driven advisory and accounting firm, helping clients to Be in a Position of StrengthSM in today’s modern business landscape. Withum empowers clients with innovative tools and solutions to address their accounting, tax and overall business management needs. Withum is a place where talent thrives. We recruit only the best and brightest people, with a genuine passion for the business.

At Withum, we have experience helping organizations stay protected from cyber attacks of all kinds along with internal rogue employee activities. Unlike many cyber consulting companies, we offer comprehensive, full-service packages of cybersecurity solutions. From compliance assessments and protection plans, to detection and recovery services, we can help establish an effective cybersecurity program designed to keep your assets and information secure.

Withum’s Cyber and Information Security Services Group is currently accepting applications for a Penetration Tester.

Withum’s brand reflects our people, our culture and our strength. Withum has become synonymous with teamwork and client service excellence. The cornerstone of our success can truly be accredited to the dedicated professionals who work here every day, whose mission is to help our clients grow and thrive – to be in a position of strength. But our commitment goes beyond our clients as we continue to live the Withum Way, promoting personal and professional growth for all team members, clients, and surrounding communities.

How You’ll Spend Your Time
• Performing formal hands-on penetration tests and vulnerability assessment of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
• Designing, creating, and maintaining new penetration tools and security testing plans
• Developing scripts and programs for automated penetration and other security testing on networks, systems and applications
• Probing for vulnerabilities in web applications, fat/thin client applications and standard applications
• Pinpointing methods that attackers could use to exploit weaknesses and logic flaws
• Utilizing an understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
• Employing social engineering to uncover security holes (e.g. poor user security practices or password policies)
• Incorporating business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
• Researching, documenting, discussing, and writing security findings with management and IT teams and producing actionable, threat-based, reports on security testing results
• Developing meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
• Reviewing and defining requirements for information security solutions
• Communicating security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators
• Fostering and maintaining relationships with key stakeholders and business partners
• Providing feedback and verification as an organization fixes security issues

The Kinds of People We Want to Talk to Have Many of The Following:
• Previous working experience as a Penetration Tester for 3-5 years
• BA Degree in computer science, information technology, or cyber security preferred; equivalent combination of education and experience may be considered
• Preferred certifications: OSEP, OSCE, OSCE2, GXPN or other advanced offensive security certification
• Proficiency in mobile, web app and wireless penetration testing
• Expertise with Burp Suite, Quark, Wireshark, Aircrack and Metasploit
• Participation in Hack the Box or other ranked skills development site a plus
• Demonstratable participation in CTFs or bug bounties a plus
• Ability to read and interpret Java, Swift and Python programming syntax preferred
• Ability to create and modify scripts using Python, Bash or Powershell to automate workflow is a plus
• In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell)
• Hands on experience with testing frameworks such as the PTES and OWASP
• GitHub or blog showing off your work
• Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
• Critical thinker and problem solver
• Excellent organizational and time management skills
• Excellent communication and report writing skills

This position has the possibility of being remote for the right candidate.

Withum will not discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or because they are a protected veteran. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Remotely anywhere within the United States except the State of Colorado.


Apply Here

We will be happy to hear your thoughts

      Leave a reply

      Tech Jobs Here

      Get Alerts on the Latest Job Posts in your Inbox- Daily!




      We will not spam you. Don't forget to add us to your contacts!