---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Penetration Engineer
Location: Milwaukee, Wisconsin, United States
Type: Permanent F/T
Closing Date: 2007-12-08
403 Labs (www.403labs.com) is a young innovative information security
consulting company adding on to our core team of talent. Enjoy a casual work
environment and a flexible schedule while you help us impress and build our
portfolio of nation-wide and international clients.
We're looking for an enthusiastic technical expert to perform network and
application penetration testing. You'll be required to write test and
penetration plans as well as verbalize and document your results for technical
and non-technical audiences.
JOB REQUIREMENTS
---------------------------------------------------
We'll expect you to:
* Be proficient with all the usual suspects:
-- Windows and Unix/Linux operating systems
-- Web applications and services
-- Firewall, IPSEC and SSL VPNs, IDS, WLANs
-- Database design, implementation, and management
-- Cryptography, ciphers, and key management
-- Commercial and open source security tools (e.g., Nessus, Nmap,
Netcat, Web Inspect, Metasploit, Cain, Wireshark, VMware, run-live distros, ...)
-- Scripting (vbscript, javascript, perl, ruby) and application
development skills are distinguishing factors; if you can write your own tools,
even better
* Be prepared to maintain your proficiency; you'll need to keep up to date with
tools, countermeasures, threats and technologies, share your knowledge and
mentor new team members and peers, and develop and refine tool s, templates and
methodologies
* Be able to interpret vulnerabilities, identify weaknesses, exploit them, and
escalate your access; we don't just run tools and slap on a cover sheet
You must:
* Rock
* Be able to work on multiple concurrent projects
* Be an independent and creative thinker, yet still work well as a team
* Own more than one black t-shirt
* Enjoy working via the command line
While certifications don't indicate competence, they do reflect professionalism
and a minimum knowledge level. You'll get a gold star in any of the following:
* CISSP (or willingness to get certified)
* Other security and IT certifications (e.g., GIAC, CISA, CEH)
* Technical certifications (e.g., MCSE, CCNA, etc.)
* Financial and Payment Card Industry (PCI) experience
* Related industry certifications (QSA, QPASP)
If you demonstrate your expertise and can make an impact, you'll be able to
define your own position. If you're equally proficient in other security
services, there will be plenty of opportunities to provide existing or develop
new client offerings. You'll also have the ability to participate in other
business growth opportunities such as sales, client management, industry
presentations, trade shows, whitepapers and exploit advisories.
If you like to break into your own systems and you're a quick learner, you'll
fit in well. We'll make sure your techniques are inline with ours.
If you've broken into someone else's system without authorization, please don't
bother to apply.
U.S. citizenship required.
CONTACT
---------------------------------------------------
Please forward a copy of your resume, cover letter with salary requirements and
a reason to hire you to careers [at] 403labs [dot] com.
403 Labs, LLC
HR Department
careers@403labs.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
