Pentester II

ECS is seeking a Pentester II to work remotely. 

Are you passionate about the ever-evolving field of cybersecurity and ready to launch a career with a positive and lasting impact? Join our dynamic team at ECS, a leading provider of solutions in science, engineering, and advanced technologies, including cloud, cybersecurity, artificial intelligence (AI), data, and enterprise transformation solutions. We’re searching for a Mid-Level Network/WebApp Pentester to join our dedicated cybersecurity.

As a Penetration tester at ECS, you will play a vital role in protecting our customers’ digital assets by identifying potential security threats. The ideal candidate will have a strong background in ethical hacking, security assessment, and vulnerability analysis. They will be adept at identifying and exploiting vulnerabilities in various systems, applications, and networks to enhance the security posture of our customer’s organizations. This role requires a proactive individual who is passionate about cybersecurity, has a keen eye for detail.

Salary Range: $125,000 – $150,000

General Description of Benefits

• Deep understanding of network security, endpoint security, and cloud security principles.
• 5+ years of hands-on experience in penetration testing
• Proficiency in using a variety of penetration testing tools such as Metasploit, Burp Suite, Nessus, Nmap, Wireshark, and others.
• Relevant certifications such as Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN).
• Strong understanding of network protocols, operating systems (Windows, Linux, macOS), and web application security principles.
• Familiarity with scripting languages such as Python, JavaScript, and Bash for developing custom exploits and automation scripts.
• Must possess exceptional verbal and written communication skills.
• Proficiency in producing clear, detailed pentest reports for technical and non-technical audiences.
• Ability to deliver compelling presentations and briefings to stakeholders, including non-technical audiences.
• Knowledge of common security frameworks and standards such as OWASP Top Ten, NIST Cybersecurity Framework, ISO 27001, PTES, and PTF