Associate, Compliance Security Penetration Tester

📋 Description

• • Join Coalfire Systems Inc., a leading cybersecurity firm dedicated to making the world a safer place by tackling our clients' most complex security challenges. We operate at the forefront of technological innovation, providing expert advisory, assessment, automation, and guidance to help organizations navigate the dynamic and ever-evolving cybersecurity landscape. With headquarters in Chicago, Illinois, and offices spanning the U.S. and U.K., we extend our support to a global clientele.
• • At Coalfire, we are more than just cybersecurity professionals; we are a collective of passionate problem-solvers, thought leaders, consultants, and experts driven by a shared hunger for learning, growth, and making a tangible impact. We foster a collaborative environment where individual skills are leveraged to achieve collective success.
• • As an Associate, Compliance Security Penetration Tester, you will play a crucial role in our mission by conducting comprehensive security assessments and simulating sophisticated cyberattacks for a diverse range of clients across the globe. This role offers an exceptional opportunity to hone your skills and gain invaluable experience in a fast-paced, challenging, and rewarding environment.
• • You will be instrumental in performing internal and external network penetration tests, identifying vulnerabilities within client infrastructures, and providing actionable recommendations for remediation. This involves a deep dive into network architecture, security controls, and potential attack vectors to uncover weaknesses before malicious actors can exploit them.
• • The position also requires proficiency in application penetration testing, encompassing browser-based applications, APIs, and mobile platforms. You will meticulously examine application code, configurations, and runtime environments to detect security flaws such as injection vulnerabilities, broken authentication, cross-site scripting (XSS), and other common web and mobile security risks.
• • Furthermore, you will engage in cloud solution penetration testing, assessing the security posture of cloud environments (e.g., AWS, Azure, GCP) and their associated services. This includes evaluating identity and access management, network security configurations, data protection mechanisms, and compliance with cloud security best practices.
• • A key aspect of this role involves the execution of social engineering campaigns, designed to test the human element of security. This may include phishing simulations, pretexting, and other techniques to assess employee awareness and susceptibility to manipulation.
• • You will also conduct wireless assessments, evaluating the security of Wi-Fi networks and associated infrastructure to identify vulnerabilities such as weak encryption, rogue access points, and unauthorized access.
• • Working both independently and collaboratively within a team, you will be responsible for executing these diverse assessment activities, applying your growing skillset to a wide array of technologies and implementations.
• • Your responsibilities will extend to documenting findings meticulously, generating detailed reports that clearly articulate identified vulnerabilities, their potential impact, and practical, effective remediation strategies. This requires strong analytical and communication skills to translate complex technical issues into understandable insights for clients.
• • You will actively participate in client debriefings, presenting your findings and recommendations with clarity and confidence, and engaging in discussions to ensure a thorough understanding of the security risks and proposed solutions.
• • Continuous learning and professional development are paramount. You will stay abreast of the latest threats, vulnerabilities, attack methodologies, and security technologies to maintain a high level of expertise.
• • This role demands a proactive approach to problem-solving, a keen eye for detail, and the ability to think critically and creatively to anticipate and counter sophisticated cyber threats.
• • You will contribute to the continuous improvement of Coalfire's methodologies, tools, and processes, sharing knowledge and best practices with your colleagues.
• • By successfully performing these duties, you will directly contribute to enhancing the security posture of our clients, protecting their sensitive data, and ensuring their compliance with relevant security standards and regulations.
• • This is an exciting opportunity to grow your career in cybersecurity with a company that values innovation, expertise, and a commitment to making a real difference in the digital world.