Senior Security Consultant
The role of a Senior Security Consultant at Abricto Security requires a wide breadth of knowledge across multiple penetration testing disciplines. This position requires the ability to carry out a range of penetration tests offered by Abricto Security. Our consultants are expected to effectively present their findings to technical teams and executives alike. A strong background in leading penetration tests and conducting debriefs is imperative.
What you’ll be doing:
- Helping our security consultants and junior staff grow professionally by providing guidance and mentorship as needed.
- Conducting penetration testing for our customer’s web applications, networks, IoT devices and more.
- Perform security assessments reviewing IoT and cloud architectures, social engineering and container environments.
- Leading strategic services including Cloud Security Posture Management, Advanced Persistent Adversary Emulation, Phishing-as-a-Service and more.
- Composing and reviewing other consultants’ detailed findings reports to communicate security findings, risk severities and remediation actions.
- Leading as a subject matter expert in reviewing customer’s enterprise or product security architectures for misconfigurations, omissions or other vulnerabilities.
- Leading by example and setting the bar for other security consultants to follow.
- Debriefing customers on assessment findings and providing remediation recommendations.
- Researching and developing new tools to improve processes and procedures.
- Actively learning about new tools and techniques to strengthen our security assessments and services.
- Writing technical blog posts detailing research you’ve done or sharing your professional experiences.
- Collaborating with team members to share ideas and learn new skill sets.
- Working as part of a larger team to deliver both remote and on-site assessments when needed.
What you’ll bring to the team:
- Strong communication skills, be able to communicate effectively both verbally and written.
- Nice to have certifications include OSCP, OSCE, CISSP, CSSLP and others.
- Bachelor’s degree or equivalent work experience.
- Experience providing security guidance for popular programming languages and frameworks (e.g. Java, Python, C#, Go, Swift, Ruby).
- Cloud experience for AWS, Azure or GCP.
- Fluent in Mac, Linux, and Windows operating systems.
- At least 5 years of prior penetration testing experience.
- Experience debriefing both technical and executive teams on security assessment findings.
- Ability to deliver training to customers, both virtually and on-site.
- Experience presenting at security conferences.
- Embracing our “You First” attitude, understanding that our customer-centric approach is what sets us apart.
- Contributions and participation in the security community.
- GitHub repositories.
- Developed or maintained security tools.
- Published CVEs.
- Participation in CTFs.