Structured Communication Systems · 4 days ago
Senior Security Engineer (Penetration Testing/GRC Assessments)
Structured Communication Systems is a leading information technology consultancy and systems integrator. They are seeking a skilled Senior Security Engineer with a focus on Penetration Testing to conduct comprehensive security assessments and identify vulnerabilities in various systems and applications.
Responsibilities
Performs comprehensive penetration testing for internal and external environments, including network and application layer testing, web application assessments (OWASP Top 10, APIs, mobile apps), wireless security, and social engineering campaigns
Conducts red team operations, adversary simulation exercises, and vulnerability assessments to identify and exploit security weaknesses in systems, applications, and infrastructure
Develops custom exploits and tools to support penetration testing activities
Performs security assessments from frameworks in the following compliance areas: PCI DSS, HIPAA, GLBA, SOX, GDPR, CIS Critical Security Controls, NERC CIP, and ISO 27000
Performs risk assessments according to guidance, including NIST SP 800-30 or OCTAVE
Creates incident response plans and conducts tabletop exercises
Writes professional penetration testing and assessment reports that include detailed findings, risk ratings, and remediation recommendations as a deliverable
Responsible for the implementation/configuration of the various systems and appliances for the manufacturers that Structured represents
Responsible for creating alternative designs to satisfy performance and cost criteria based upon customer requirements
Identifies and corrects faults and provides resolution of complex problems based upon tickets that are escalated from Structured's help desk
Effectively communicates Structured's value proposition through presentations, proposals, and the development of collateral to drive sales and the branding of Structured
Supports sales opportunities with Account Executives
Interfaces with end-users for the purpose of designing and implementing new solutions
Ability to troubleshoot problems with existing systems/solutions
Ability to translate highly technical material into common language for purposes of generating reports
Supervises projects and work assignments in order to ensure effective and efficient delivery
Prepares reports in order to update management regarding project status and/or manufacturer updates
Provides input for professional service statements of work ("SOW"), creates SOWs as directed, and performs project management services (as needed)
Follows the current policies and procedures for tracking activities in Structured's various CRM/service delivery tools
Additional duties as assigned
Qualification
Required
Bachelor's degree (B.A. or B.S.) from a four-year college or university in information systems or equivalent experience
At least 5+ years' experience in a technology-related field, including 2+ years' penetration testing and security assessment experience
Hands-on experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, Wireshark, Cobalt Strike, and other offensive security frameworks
Experience with scripting/programming languages (Python, PowerShell, Bash) for tool development and automation
Knowledge of exploitation techniques, post-exploitation activities, and privilege escalation methods
Advanced user of Microsoft Office Suite
Extensive experience with customer relationship management tools, such as Salesforce
Extensive understanding of security and network theories and advanced security and networking troubleshooting capabilities
Ability to read, analyze, and interpret quotes and reports
Ability to synthesize large amounts of highly technical material into common language for use in reports
Ability to effectively present information and respond to questions from employees, management, vendors, and customers
Must have a valid Driver's License and the ability to travel to customer locations and other destinations for short to medium term projects
Preferred
Previous experience providing solution design and implementation preferred
Experience with PCI DSS, HIPAA, GLBA, CIS Critical Security Controls, NERC CIP, SOX, GDPR, and ISO 27000 series security frameworks preferred
OSCP, OSCE, GPEN, GWAPT, GXPN, CISSP, CISA, CISM, or other relevant certifications are highly preferred
Benefits
Medical
Dental
Vision
Group life
AD&D insurance
Long and short-term disability coverage
401(k)
Training on mutually agreed upon professional goals through a combination of self-study courses, formal training, and on-the-job training
Obtaining industry-based certifications is highly encouraged