
Strategic Staffing Solutions
STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING!
Strategic Staffing Solutions is currently looking for a Penetration Testing Analyst for a contract opportunity with one of our largest clients located in Detroit, MI!
Title: Penetration Testing Analyst
Location: Detroit, MI (Hybrid schedule: 3 days in office T,W,Th)
Duration: 12+ Months
Role Type: W2 contract engagement
Job Description:
Required Experience / Skills
- At least three years of penetration testing experience, including Web Apps/APIs, Internal and external network infrastructure, Wireless Access Points, Cloud / SaaS environments, and Both Windows and Linux Server environments.
- Experience testing for regulatory requirements (PCI -DSS).
- Proficient in at least one programming language, such as Python, Ruby, Java, or C#,
- Proficient with standard web development languages, such as HTML, CSS, JavaScript, and PHP,
- Solid understanding of networking concepts, such as TCP/IP, DNS, HTTP, FTP, SMTP, and VPN.
- Well-versed in security principles, such as encryption, authentication, authorization, and access control.
- Experience with Technical writing, drafting testing reports, and presenting executive summaries
- Solid understanding of Cyber Risk Management concepts and functions, e.g. Risk assessment, Risk Mitigation, Threat analysis, Threat modeling, and Remediation Assessment.
- Experience working with a Risk Registry (Not required, but a Plus)
- Experience working in Incident Response. (Not required but a plus)
- Understanding of SCADA systems. (Not required but a plus)
- Experience working on a Red or Purple team (not required, but a plus!)
Soft Skills:
- Excellent communication skills, including the ability to explain technical concepts to a non-technical audience
- Excellent Organizational and time management skills.
- Desire to problem solve.
- Experience working in the Utility, Energy, or Financial sector
Must have Experience with some of the following Tool and Technologies:
Testing specific
- Kali Linux Distro and associated tool (Metasploit, Wireshark, Nmap OWASP ZAP, John the Ripper, Aircracking, etc.)
- Burp Suite
- Nessus Pro
- Defect Dojo
- Probely (Not required, but a plus)
- Qualys (Not required, but a plus)
*Beware of scams. S3 never asks for money during its onboarding process
Job ID: JOB-239957
Publish Date: 28 Jan 2025