Remote Penetration Tester
BreakPoint Labs is seeking a Penetration Tester to help perform adversarial emulation on traditional enterprise environments. The ideal candidate has some experience performing penetration testing with an active interest in learning to improve their skill set.
Location: Remote from home with the possibility of occasional travel up to 25%.
• Assisting customers with penetration testing activities to include threat emulation against traditional network enterprise environments.
• Maintain in-depth technical knowledge of adversarial activity in order to replicate similar tactics, techniques, and procedures (TTPs) during assessments.
• Assess customers security posture through the use of automated tools and manual techniques to identify, verify and exploit security vulnerabilities.
• Use creative approaches and techniques to identify vulnerabilities that are commonly missed in security assessments, and automated tools.
• Exploit vulnerabilities and identify specific, meaningful risks to customers based on business and mission impact to critical infrastructure/network environments.
• Provide detail-oriented technical assistance with remediation and mitigation efforts, often in the form of verbal and/or written communication to the customer.
• Create comprehensive assessment reports that clearly define vulnerability findings and all scoped requirements defined within the rules of engagement.
• Interface with client personnel and trusted agents to gather information, clarify scope and investigate security controls in depth.
• One (1) to (3) years of experience performing full scope penetration testing of enterprise systems (Preferred).
• Ability to conduct full scope penetration testing of enterprise systems, including but not limited to: Active Directory (AD) enumeration, exploitation, and escalation of privileges, web application testing for custom flaws, wireless testing, password cracking, phishing and social engineering.
• Knowledge of vulnerability scanning and testing tools (Nmap, Nessus, Burp Suite Professional, Cobalt Strike, Metasploit, GoWitness, Whatweb, SQLMap, CrackMapExec, GhostPack, Bloodhound, and other tools as deemed appropriate for the engagement.
• Functional ability to leverage both Windows and Linux Operating Systems (OS)
• Ability to adapt to new Techniques, Tactics, and Procedures (TTPs) associated with realistic threats to improve vulnerability findings.
• Understanding of common attacker TTPs in order to perform threat analysis during assessments.
• Experience troubleshooting and understanding vulnerability scanning, testing tools and manual testing techniques to determine vulnerability findings that are missed.
• Experience with a Scripting language to automate tasks (Python, Bash, Perl, PowerShell, etc.)
About BreakPoint Labs
BreakPoint Labs is a growing cybersecurity services company focused on ‘high-end’
support to DoD, Federal, and commercial clients. Headquartered in the National Capital
Region, but with a presence in more than 14 states, BreakPoint Labs provides clients
with services in three core competencies: Cybersecurity Assessments, Defensive Cyber Operations, and Research and Development. We offer a full array of benefits consisting of medical, dental, and vision coverage in addition to a matching 401(k) plan. We are a company that encourages employee’s career path opportunities by providing $5,000 educational reimbursements yearly, and also providing training and certification reimbursements as well.