ACA Compliance Group Holdings, LLC

  • Penetration Tester - Red Team - Social Engineering - Remote OK

    Job Locations US-New York | US-MA-Boston | US-CA-San Francisco | US-CA-El Segundo | US-PA-Pittsburgh, PA | US-Chicago | US-Boca Raton | US-CO-Denver | US-MD-Silver Spring | US-TN-Chattanooga | US-OR-Jacksonville | ...
    Job ID
    Risk (Cybersecurity) Division
    Regular Full-Time
  • Overview

    About ACA/Aponix:


    ACA is a management consultancy providing compliance, cybersecurity, risk, and technology solutions to financial services firms. ACA works with 84% of the largest hedge funds, 70% of the largest private equity firms, and 64% of the top 100 asset managers (by AUM). We are now the largest management consultancy firm of our kind (750 employees), we have the most former regulators on staff, and we are considered the gold standard in our sector.


    Aponix, ACA's Cybersecurity & Risk practice group, was named "Best Global Cyber Security Advisor" by Hedgeweek Magazine and "Due Diligence Firm of the Year" by M&A Advisor. Aponix is looking to add penetration testers to our practice group. For this role you can work remotely or be based out of our New York/Chicago/Boston/San Francisco or Los Angeles offices.


    Position Objective:


    The individual in this position is primarily responsible for the successful execution of ACA Aponix client engagements, ongoing client support services, and satisfaction with ACA Aponix services. The individual in this position is also responsible for evaluating the physical, administrative and technical security of the IT infrastructure of ACA Aponix clients by reviewing policies and procedures and by assessing and exploiting vulnerabilities via technical and social engineering tools and techniques.


    • Lead client calls to plan engagements and establish expectations, and, following completion of engagements, to present findings and provide analysis
    • Conduct on-site or remote application, network, systems and infrastructure penetration tests
    • Conduct social engineering
    • Review physical security and perform social engineering tests where appropriate
    • Compile written reports and present findings to a range of stakeholders
    • Make recommendations for security improvements
    • Supervise, train, evaluate, oversee, and provide feedback to junior colleagues
    • Keep up to date with latest testing and ethical hacking methods


    Bachelor’s Degree required – major concentration in computer science, information systems, or a comparable field preferred; alternatively three years of information security, information technology, or development experience required

    • Good understanding of network protocols
    • Ability to assess testing tools and deploy the right ones
    • Solid technical skills in both information security architecture and penetration testing
    • Project planning skills
    • A solid understanding of ethical hacking
    • Scripting and programming experience is helpful
    • Ideally one or more certifications: OSCP, GXPN, GPEN, GWAPT
    • Ability to explain findings to non-technical professionals

