Penetration Tester

**About the Role**:
We are looking for dedicated, hard-working, and successful members to add to our team as we continue to expand. You will be joining an exciting and rapidly growing company. This outstanding position offers a chance to work in one of the highest demand fields, Cybersecurity, a defined career path, and excellent employee benefits.

At ISA, we help protect our clients’ most sensitive and valuable data by performing comprehensive and real-world scenario testing. The consultant will have the opportunity to face a new client environment daily or monthly and will have to assess them accurately with hands-on testing and complex problem-solving. You are expected to have a deep understanding of information security and computer science from a red team point of view and must be able to identify/exploit misconfigurations in network infrastructure.

**About Us**:
ISA is a cybersecurity-focused technology firm, with 30 years of experience helping organizations of all sizes solve complex challenges relating to IT security. We act as trusted advisors in providing services to help our clients define, implement and manage their strategies to minimize IT security related risk, and to provide a secure business environment for their employees and customers. We also deliver state-of-the-art cybersecurity solutions thanks to strong partnerships with the industry’s leading Technology Vendors.

Why Join Us? At ISA, every employee makes a P.A.C.T. to Embody Our Corporate Core Values, everyday. Our core values (Passion for Excellence, Accountability, Commitment, Trust) shape the community and culture we have built and are an active part of everything that we do. We also believe that what will make you great is your individual contributions to your team; think of your team as a start-up that learn from each other. If you’re looking for autonomy and no old-fashioned hierarchy, ISA and you could be a match made in heaven.

**Reporting Relationship**:
There are no positions that report to the Penetration Tester role.

**Responsibilities**:

- Develop and maintain a multi-year schedule for penetration testing activities
- Design, perform and report on penetration testing of systems to satisfy the NIST 800-53 CA-8 security control and using methodologies that may include NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF) and Open Web Application Security Project (OWASP)
- Stay abreast of current attack vectors and unique methods for the exploitation of computer networks
- Follow the latest penetration techniques and share them with the team.
- Provide detailed reports with evidence of findings, risk analysis, advice, and remediation instructions.
- Communicate findings effectively to client stakeholders, including technical staff
- Safely utilize attacker tools, tactics, and procedures
- Help to improve ISA’s Malware development department by creating or modifying malware using the following programming languages (C, C++, and C#)

**Qualifications**:

- Basic Knowledge of supporting, implementing, and maintaining IT Security solutions, with an emphasis on network-based technologies
- Intermedium networking skills
- Penetration testing Knowledge in Cloud infrastructure is a plus.
- Strong knowledge of ethical hacking principles and techniques
- Understanding of Vulnerability Assessment methodologies
- Ability to communicate risk effectively
- Experience conducting Security Assessment exercises, including SANS Top 20 Audits
- OSCP and/or PNTP are highly desirable, as are GPEN, EJPT, and eWPT or similar certifications.
- Multi-tasking ability
- Self-motivated
- Proficient knowledge of the following programming languages C, C++, C#, and Python.
- Travel between 5% - 10% of the time if required.

**Accessibility**: