ACA Compliance Group Holdings, LLC

  • PENETRATION TESTER - RED TEAM

    Job Locations US-MA-Boston | US-MD-Silver Spring | US-CA-San Francisco | US-CA-El Segundo | US-Chicago | US-CO-Denver | US-NJ-Morristown | US-PA-Pittsburgh, PA | US-New York | US-OR-Portland | US-MO-St. Louis...
    Job ID
    2018-1150
    Category
    Risk (Cybersecurity) Division
    Type
    Regular Full-Time
  • Overview

    ACA COMPLIANCE GROUP/APONIX

    Job Description 

     


     

    About ACA/Aponix:

     

    ACA is a management consultancy providing compliance, cybersecurity, risk, and technology solutions to financial services firms. ACA works with 84% of the largest hedge funds, 70% of the largest private equity firms, and 64% of the top 100 asset managers (by AUM). We are now the largest management consultancy firm of our kind (700 employees), we have the most former regulators on staff, and we are considered the gold standard in our sector.

     

    Aponix, ACA's Cybersecurity & Risk practice group, was named "Best Global Cyber Security Advisor" by Hedgeweek Magazine and "Due Diligence Firm of the Year" by M&A Advisor. Aponix is looking to add penetration testers to our practice group. For this role you can work remotely or be based out of our New York/Chicago/Boston/San Francisco or Los Angeles offices.

     

    Position Objective:

     

    The individual in this position is primarily responsible for the successful execution of ACA Aponix client engagements, for ongoing client support services, and for client satisfaction with ACA Aponix services. The individual in this position is also responsible for evaluating the physical, administrative and technical security of ACA Aponix clients' IT infrastructure by reviewing policies and procedures and by assessing and exploiting vulnerabilities via technical and social engineering tools and techniques.

    Responsibilities

    Summary of Responsibilities:

    • Lead client calls to plan engagements and establish expectations, and, following completion of engagements, to present findings and provide analysis
    • Conduct on-site or remote application, network, systems and infrastructure penetration tests
    • Review physical security and perform social engineering tests where appropriate
    • Compile written reports and present findings to a range of stakeholders
    • Make recommendations for security improvements
    • Supervise, train, evaluate, oversee, and provide feedback to junior colleagues
    • Keep up to date with latest testing and ethical hacking methods

    Qualifications

    Summary of Minimum Qualifications and Knowledge Requirements:

    Bachelor’s Degree required – major concentration in computer science, information systems, or a comparable field preferred; alternatively three years of information security, information technology, or development experience required

    • Good understanding of network protocols
    • Ability to assess testing tools and deploy the right ones
    • Solid technical skills in both information security architecture and penetration testing
    • Project planning skills
    • A solid understanding of ethical hacking
    • Scripting and programming experience is helpful
    • Ideally one or more certifications: OSCP, GXPN, GPEN
    • Ability to explain findings to non-technical professionals
    • Willing to travel up to 25%
