Penetration Tester

Agio, Inc.
Full Time
Toronto, ON
Posted
Apply This Job
Job description

Agio is a hybrid managed IT and cybersecurity provider servicing the financial services, health care and payments industries. The company has extensive experience supporting the alternative investment space, specializing in hedge funds, private equity firms and asset managers. Agio offers technology hosting, monitoring, management, helpdesk, disaster prevention and recovery, as well as managed security, 360° cybersecurity programs, virtual CISO (vCISO) support and cybersecurity consulting.

We have team members in the US, UK, Canada, and India. Our remote work policy allows us to accommodate our employees' need for flexibility. Our family forward mentality and work-life balance focus empower our employees to live their best life at Agio.
WE OFFER:

  • Remote work arrangement
  • Competitive salary
  • Comprehensive health benefits including vision, dental, disability, life insurance, and more with immediate coverage
  • An inclusive parental leave policy
  • Uncapped paid vacation time off
  • 10 paid holidays
  • 10 paid sick days
  • 32 hours of paid volunteer time off
  • RRSP matching
  • Training and growth opportunities
  • A multicultural and diverse team
  • A supportive work environment
  • Social events
  • Agio swag
  • And more

SUMMARY OF POSITION
The security division of Agio provides customers with superior compliance and security solutions and services. Industry recognized for knowledge and skills in the Payment Card Industry Data Security Standard (PCI DSS), HIPAA Security Rule compliance, and general IT security consulting, the professionals deliver expertise with attention to both Cybersecurity and business needs.
This position requires the individual to function in a technical role, perform both technical assessments and generate billable revenue for the company. This role is responsible for testing client environments against a framework of penetration testing security standards and best practices, documenting findings, observations, recommendations and presenting in a written from. Previous employment in a consultative role is strongly desired.
Superb oral and written communication skills are required.

How this position impacts others

  • Cybersecurity consultants help make our clients more secure by testing the limits of their security controls, providing guidance to improve their configurations, cyber controls, and other elements that contribute to building a healthy and mature cybersecurity posture.
  • Consistently producing on-time, quality deliverables increases client loyalty, sets your Project Manager up for success, and allows business leaders to focus on the strategy and vision of the team.

Our cybersecurity consultants challenge the status quo, are team players who can work independently, and step outside their comfort zone. This allows them to grow as individuals and contribute to the overall success of the team and Agio.
Applicants should have 5 or more years' experience in the IT security (Cybersecurity) field (experience in the financial services sector is a plus) and should be able to execute at an advanced level in at least two, and at an intermediate level in two or more of the following:

  • Networking/infrastructure (routing/switching)
  • Penetration testing, vulnerability scanning, and security assessments (special focus in the Payment Card Industry (PCI) is a plus)
  • Security solutions (firewalls, IDS/IPS, encryption, two-factor authentication, SIEM, DLP)
  • Unix/Linux
  • Windows Network Operating Systems/Active Directory/Messaging (Exchange or open-source solutions)
  • Scripting Languages:
  • Bash
  • PowerShell
  • Python

Candidates should also have direct experience with one of the following:

  • Payment Card Industry Data Security Standard (PCI DSS). QSA experience a plus.
  • NIST Special Publication 800-53
  • ISO 27002
  • Security Risk Assessments

KEY DUTIES

  • Attend to customers' general and/or specific security needs on an hourly or project fee basis. Specific activities may include but is not limited to vulnerability testing, penetration testing, web application security testing, wireless security testing, social engineering, and security policy consulting.
  • As assigned, be the primary point of contact for a given set of customers and assume responsibility for the actions performed and the overall security posture for said customers.
  • Provide assistance and input with non-assigned customers' needs, based on skill set and availability.
  • Maintain documentation and notations for use by the customer and internally, for each customer.
  • Provide accurate, timely and complete time reporting for the purposes of customer billing.
  • Delivery of vulnerability assessment and penetration testing services to Agio customers.
  • Infrastructure Penetration Testing
  • Wireless Penetration Testing
  • Cloud Penetration Testing (Azure|AWS)
  • Red Team Assessments (Assumed Breach and Social Engineering Methodology Testing)
  • Purple Team Assessments (Attack and Defend scenarios)
  • Generate Penetration testing reports in a timely manner and assist in peer reviews and maintain the standards of testing across all engagements.
  • Support training and mentorship of Associates and Team members in the application of skills and promote new Tactics, Techniques and Procedures (TTP).
  • Utilizing automation and development of tools for the automation of testing services and vulnerability scanning.
  • Deliver continuous vulnerability assessments and Penetration testing as a Service to contractual clients and maintain strict schedules.
  • Collaborate with all Agio teams to ensure consistent experiences for the clients around the world and maintain client-facing documentation for the continued success of Agio clients.
  • Build and maintain strong customer relationships.
  • Assist the sales staff in the generation of new and management of existing business, including on site sales visits, pre-sales conference calls and assistance with proposal generation.
  • At request, gain and maintain accredited vendor and non-vendor specific certifications.
  • Participate in company designated meetings.

Expected Experience

  • Significant experience delivering security testing with a minimum of 5 years in a proven industry role, across the following verticals.
  • Infrastructure Penetration Testing
  • Web Applications Penetration Testing
  • Cloud Penetration Testing (Azure | AWS)
  • Red Teaming using assumed breach and social engineering methods
  • Tool Development, Testing Automation and Mentoring Team Members.
  • Experienced in operating specialist security technologies including Tenable, Qualys, Burp Suite, Metasploit Professional, Cobalt Strike and Core Impact.
  • Strong knowledge of network topologies and protocols
  • Strong understanding of building and deploying OVAs and Virtual Machines.
  • On-Premises (VMWare, Hyper V, VMWare Workstation)
  • Cloud (AWS, Azure)
  • Comfortable in an agile offensive security team, delivering complex offensive security projects.
  • Understanding of threat-based frameworks such as MITRE ATT&CK, OWASP and expert knowledge of threat mitigations.
  • Good understanding of information assurance standards and frameworks including PCI, Hi-Trust, NIST and ISO27001.
  • Excellent written and verbal communication skills.
  • Script development (PowerShell, Python, Perl, Ruby, etc.)

SPECIAL NOTES

Due to the nature of the work performed for customers, it may be necessary to work outside of normal business hours to perform certain tasks. Overnight travel is also required.

  • The hacker's mindset, A natural curiosity and willingness to pull things apart to see how they work.
  • Passionate about delivering best-in-class consultancy and testing services.
  • Ambitious and determined, someone who is comfortable operating in a fast-paced environment both as a team and individually
  • Industry Certifications (MUST HAVE)
  • BSc degree or equivalent
  • (OSCP) Offensive Security Certified Professional or CREST equivalent.
  • (CISSP) Certified Information System Security Professional
  • Advantageous or working towards
  • (OSEP) Offensive Security Experienced Penetration Tester.
  • (OSWE) Offensive Security Web Expert
  • GIAC GPEN
  • GIAC GWAPT
  • GIAC GAWN
  • SANS GSEC
  • PCI QSA
  • Outgoing and friendly personality, with strong communication skills.
  • Proven track record of successful delivery of technical projects

#LI-REMOTE
Agio is a blend of who we are and what we aspire to be. As an equal opportunity employer, we embrace diversity and are committed to creating an inclusive culture that allows each of us to do our best work and be our best selves.

Job Type: Full-time

musicforspaceships.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, musicforspaceships.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, musicforspaceships.com is the ideal place to find your next job.

Save This Job Apply Job

Intrested in this job?

Related Jobs

All Related Listed jobs

Chef d’équipe, division résidentielle
RénoAssistance par Desjardins Laval, QC

Chez RnoAssistance, votre bonheur, votre sant et votre plaisir au travail sont de la plus grande importance! Cest pourquoi nous crons pour vous un environnement de travail sans gal,
Vice President, Quality Control, BioPharma Manufacturing
Laguna Source New York, NY 10001

This is an exciting US expatriate executive leadership position responsible for overseeing all Quality Control operations within a best in class Global Contract Manufacturing Organization (CMO).
Registered Nurse Home Health
Prudential Hospice Care Los Angeles, CA

Prudential Health Care /Heralds Home Health is seeking Registered Nurses to become a part of a great team. We provide home health professionals for the local area including Irvine, Long Beach,
Ticket Sales Representative
Oak View Group Township of Moon, PA 15108 $45,000 - $55,000 a year Today

Oak View Group (OVG) is the worlds leading arena development, management, and hospitality company founded in 2015 by Tim Leiweke and Irving Azoff to disrupt
Certified Medication Aides (CMA) - up to $20.00/hour*!
Delmar Gardens of Smyrna Smyrna, GA 30082

Delmar Gardens of Smyrna is pleased to announce, there isMORE FOR YOU IN 2022!MORE MONEY! MORE FLEXIBLE SCHEDULE! MORE BONUS MONEY! MORE LIFE-BALANCE!Delmar Gardens of Smyrna is seeking
Associate End User Support
BOEING Maryland Heights, MO

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and
Server
Meridian Senior Living Smithfield, RI 02917 Just posted

Company paid Life Insurance and Long-Term Disability. Voluntary Benefits that include Short Term Disability, Accident Coverage, Critical Illness, and more!
Business Manager
Bright Horizons Family Solutions Tampa, FL 33610 $45,000 - $55,000 a year 1 day ago

This role will be responsible for problem-solving unique situations, taking control of urgent issues, and being the gatekeeper for the Executive Director.
Lead Carpenter/Carpenter Helper
Arcadia ICR Group Pensacola, FL 32514

Lead Carpenter/Carpenter helper needed for residential construction projects. Qualifications: Minimum 5 years experience as a Lead Carpenter for the Lead Carpenter position.

Technician-TL Drafting-Entry Level
Mesa Associates, Inc. Chattanooga, TN 37402

Weve got the power to energize Your career and spark YOUR Work/Life Balance through professional development and exceptional benefits. Dont delay, plug in today for an inclusive meaningful