Post a job
Information Security Consultant - Red Team

Company:
eSentire
Location:
Cork, Country: Ireland
Job Type:
Job Description
What are we looking for?

As a key member of our Managed Risk Services Team the Information Security Consultant role will be responsible for the testing and assessment of customer network infrastructure and applications. Activities will include but are not limited to vulnerability assessments, penetration testing, evaluating information security controls and solutions, detailed reporting, and providing remediation recommendations for identified issues. The role will also provide subject matter expertise in areas of network security, application security, and attack and defense techniques and countermeasures.

Requirements:
  • University Degree or College Diploma in Computer Sciences, Information Technology or a related field or equivalent combination of education and experience
  • Minimum of 5+ years of information security experience in either testing or consulting roles
  • Demonstrated experience with penetration testing and security assessment frameworks and procedures, including following industry best practice methodologies for penetration testing (e.g., OWASP guidelines), and the ability to perform both manual and automated testing
  • Well versed in technologies, common security management tools and platforms such as: firewalls, IDS/IPS, EDRs, Proxy, VPNs, SIEM, DLP, Advanced Malware Protection, NAC, Anti-virus, and MDM as they relate to the security posture of a client organization
  • Demonstrated experience running and managing network and application vulnerability scanning and assessment tools
  • Strong knowledge of tools used for network security testing, web application, social engineering and wireless
  • Thorough understanding of network protocols, data on the wire, and covert channels
  • Perform penetration tests against external networks, internal networks, web applications, mobile applications, social engineering, phishing, vishing, physical security, wireless networks, and more
  • Detailed knowledge of advanced attack capabilities, characteristics, and detection methods
  • Extensive technical knowledge of security industry best practices and procedures
  • Create and deliver recommendations to achieve and maintain compliance
  • Providing clear and concise communication (written and oral) to clients that consists of findings, recommendations, road maps, and actionable plans
  • Excellent verbal and written communication skills including the ability to write clear and concise assessment reports
  • Enhancing and updating testing methodologies, processes and standards documentation
  • Research evolving exploits, techniques, and tools in support of penetration testing efforts
  • Develop security tools and create security blog posts to share information with the security community
  • The ability to develop or use scripts and utilities to automate assessment and analysis activities
  • Must have OSCP or CREST equivalent certification/license
  • Willingness to work outside of business hours (weekends/evenings)
Desired:
  • Consulting experience leveraging offensive methodologies during red teaming and penetration testing
  • Must possess a high degree of intelligence, competence, maturity, adaptability, resilience, integrity, and initiative
  • Experience with curating technical and non-technical documentation with reference to internal processes, procedures and
  • Knowledge of security compliance policy, programs, processes, and metrics
  • Clear, logical and persuasive communication skills with an ability to work closely with executives and employees at all levels
  • Maintain relevant industry certifications and demonstrate a willingness to work toward additional credentials
  • Researching and learning about information security trends, new testing techniques, and best practices, and knowledge sharing with the team
  • Development skills in any of the following: Python, Perl, Go, Ruby, PowerShell, Bash, C++, C#, and Javascript
  • Professional offensive security certifications including OSWE, OSCE are beneficial
  • Non-vendor specific certifications such as: GIAC security certifications (GPEN, GWAPT, GXPN), Licensed Penetration Tester (LPT), Certified Penetration Tester (CPT), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Risk Management Professional (CRMP), Certified in Risk and Information Systems Control (CRISC), Information Systems Security Management Professional (ISSMP)
Why a Career with eSentire?
Our Culture: At eSentire we work in a collaborative and innovative work environment. We work with brilliant and passionate people who strive and encourage others to do their best. eSentire’s idea-rich environment welcomes creative and sometimes unconventional perspectives!
Growth Opportunities: At eSentire you will have the opportunity to grow and make an impact from your work. We encourage innovation in all who become a part of our team. With growing operations internationally, there is lots of lateral and upward advancement opportunities for rewarding and developing careers with eSentire. We’re strong believers in continuing education and provide the resources that you need to continue learning.
Employee Perks: Every day we provide breakfast, snacks and refreshments, flexible working hours, half day off birthdays, subsidies for continuing education and health & wellness, and attractive compensation and benefits plans. We make it our obligation to the team to stay current with compensation trends in the tech field!
Job Settings
Number of jobs: 1 hires
Information about the advertiser
Company: eSentire
Company size: 1-49
Contact: NA