W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9jbnrlbgxldgvjig5ldy9qcgcvbmv3lwjhbm5lci1kzwzhdwx0lmpwzyjdxq

Cybersecurity Manager and Penetration Tester

  • Location

    New York

  • Sector:

    Cyber Security

  • Salary:

    Market Competitive d.o.e.

  • Contact:

    Tom Layzell c/o Intelletec

  • Contact email:

    tom@intelletec.com

  • Job ref:

    TL 3/3

  • Startdate:

    ASAP

  • Consultant:

    Tom Layzell

Cybersecurity Manager and Penetration Tester

 

Our client is one of the world’s leading audit, tax, and advisory consultancies, because of their exceptional growth in the Cybersecurity space they are now looking for a Senior Cybersecurity & Penetration Test Manager for their New York offices. This exciting managerial opportunity offers a fantastic chance to display your technical knowledge whilst broadening your project management skills. Responsibilities will include end-to-end cybersecurity engagement, performing cybersecurity assessments, pen testing & the implementation of operational security solutions.

 

Responsibilities:

 

  • The ideal candidate is tasked with leading & managing the performance of technical cybersecurity assessments, including network penetration testing, red teaming, web application tests and vulnerability assessments

  • Assist with the performance of compromise assessments to identify indicators of compromise within an organization’s network and systems

  • Supervise and conduct cybersecurity control assessments in accordance with industry frameworks and leading practices

  • Perform cyber threat & risk assessments, as well as managing the end-to-end client engagement process, including planning, execution, and reporting

  • Perform quality review of engagement fieldwork, results and deliverables

  • Develop and present tailored recommendations to mitigate cyber threats and risks to both a technical and executive audience

  • Supervise, train and mentor other Cyber Risk team members on client engagements and evaluate the performance of the staff for engagement reviews and year-end performance reviews

  • Proactively interact with key client management to foster a positive relationship, gather information, resolve problems and make recommendations for improvements

  • Work with clients to plan an engagement strategy, define objectives, and address cyber- related risks and issues

 

Qualifications:

 

  • Bachelor's and/or Master’s degree in Information Technology, Computer Science or Cybersecurity related field is required

  • 5+ years experience in cybersecurity in a related consulting practice or function, servicing cross- industry clients at a national level

  • One or more of the following technical certifications: OSCP, OSCE, GXPN, GPEN

  • One or more Security certifications is preferred: CISSP, GSEC, CISM

  • Experience leading & performing network penetration testing & the successful exploitation of vulnerabilities. Exploit development is a plus

  • Experience testing web applications for common security vulnerabilities as referenced by OWASP, including; cross-site scripting issues, session management vulnerabilities, input validation vulnerabilities, broken access controls, SQL injection & web server configuration issues

  • Hands-on working experience with commercial and open source network and application security testing tools such as; Qualys, Core Impact, Kali Linux, Nessus, Metasploit, Webinspect, Burp Suite, NMAP & Wireshark

  • Experience documenting technical testing and assessment results in a formal report format and presenting results to both a technical and executive audience

  • Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships

  • Ability to manage multiple client engagements and competing priorities in a rapidly growing, fast- paced, interactive, results-based team environment

  • Threat and compromise assessment and threat intelligence platform knowledge and experience is a plus. Experience in reviewing security configurations of common network devices (routers, switches, firewalls) and server operating systems is preferred

  • Knowledge of TCP/IP and computer networking

  • Understanding and working knowledge of common security frameworks; e.g., NIST CSF, CIS CSC, ISO 27001/2

  • Ability to supervise other firm staff and lead assigned projects effectively