About the Role
**This is a remote job within the United States**
*** To Apply for this position, please send an introduction and your resume to Allie (aCrawford@ThoriumInfosec.com) ***
Thorium is seeking an Offensive Penetration Tester. Winning candidate(s) will work with a small team of self-starters, collaborators, and innovators, and will possess a deep level of domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, and Cloud, as well as social engineering. They will also possess critical "soft skills" required to present complex solutions and topics in a concise manner to audiences of varied levels of understanding and influence. Candidate must also have great people skills, writing skills, and be able to present very technical information to non-technical customers in a friendly and understandable way.
This Information Security consultant will provide improved vulnerability analysis and contextual feedback to stakeholders to support the resolution of discovered vulnerabilities and facilitate risk awareness.
Job Requirements:
• Perform internal and external penetration testing of network infrastructure and applications for client engagements.
• Perform Red team assessments including physical, social engineering, and network exploitation as required.
• Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases in sensitive enterprise environments.
• Must be willing to travel, if needed, to be on-site with clients and conduct red team assessments, potentially including physical social engineering.
• Perform network reconnaissance, OSINT, social engineering, and physical security reviews.
• Author and implement exploits & attacks, create tools & scripts, gather output, analyze the results, and present the results to the end client.
Required Skills:
• Previous professional experience performing offensive penetration testing.
• Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk.
• Ability to present security concepts and/or findings to both highly technical and entirely non-technical audiences.
• Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely manner.
• Strong verbal and written communication skills, organizational skills, and attention to detail.
• Ability to work collaboratively or independently as required.
• Ability to manage multiple and changing priorities and tasks.
• Ability to self-start, self-motivate and self-direct as required.
• Working knowledge of Security Testing and Audit Platforms (Nessus, NMAP, etc.).
• Working knowledge of host/network common vulnerabilities and exploits.
• Experience using the Microsoft Office Suite (Word, Excel, PowerPoint).
Required Milestones:
• 3+ years of experience conducting penetration testing, professionally, for customers of varied sizes.
• Bachelor's Degree in a Technology field or 4 additional years relevant work experience.
• Advanced experience with common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.).
• Must have a demonstrable understanding of voice and data networks, major operating systems, active directory, cloud technologies.
• Ability to optimally code in a scripting language (Python, Bash, Power Shell, Perl, etc.).
Thorium is an equal opportunity employer (EOE) that empowers our people. It is the policy of Sentinel to provide equal employment opportunities to all employees and employment applicants-without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws.
We fearlessly drive change, because without diversity of thought and a commitment to equality for all, there is no moving forward. Reasonable accommodations are available for qualified individuals with disabilities, upon request. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training
Requirements
Job Requirements:
Perform internal and external penetration testing of network infrastructure and applications for client engagements.
Perform Red team assessments including physical, social engineering, and network exploitation as required.
Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases in sensitive enterprise environments.
Must be willing to travel, if needed, to be on-site with clients and conduct red team assessments, potentially including physical social engineering.
Perform network reconnaissance, OSINT, social engineering, and physical security reviews.
Author and implement exploits & attacks, create tools & scripts, gather output, analyze the results, and present the results to the end client.
Required Skills:
Previous professional experience performing offensive penetration testing.
Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk.
Ability to present security concepts and/or findings to both highly technical and entirely non-technical audiences.
Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely manner.
Strong verbal and written communication skills, organizational skills, and attention to detail.
Ability to work collaboratively or independently as required.
Ability to manage multiple and changing priorities and tasks.
Ability to self-start, self-motivate and self-direct as required.
Working knowledge of Security Testing and Audit Platforms (Nessus, NMAP, etc.).
Working knowledge of host/network common vulnerabilities and exploits.
Experience using the Microsoft Office Suite (Word, Excel, PowerPoint).
Required Milestones:
3+ years of experience conducting penetration testing, professionally, for customers of varied sizes.
Bachelor's Degree in a Technology field or 4 additional years relevant work experience.
Advanced experience with common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.).
Must have a demonstrable understanding of voice and data networks, major operating systems, active directory, cloud technologies.
Ability to optimally code in a scripting language (Python, Bash, Power Shell, Perl, etc.).
About the Company
Thorium Information Security - providing a tailored strategy to address the many cybersecurity challenges faced by customers in today’s ever-changing business and industry landscape.
Thorium provides industry-leading Information Security audits in the form of penetration testing, risk assessments, and other critical 3rd party assessments. We take pride in producing the most thorough and personable reports on the market to ensure our customers receive the information and guidance they need to protect their customers, infrastructure, and company.