SWC is seeking a IT Security Penetration Tester/ Ethical Hacker to be a part of SWC’s Security Advisory Services Team. The candidate will be responsible for a variety of information security assessment engagements, including Web application penetration testing, network penetration testing, vulnerability assessment, and enterprise risk assessment. The candidate must have strong written and verbal communication skills and be comfortable working with customers, management, technical staff, and external vendors. This position will report to the Director of Infrastructure Services. Responsibilities: Perform penetration testing and vulnerability assessment of Web applications and networks. Perform enterprise risk assessment of administrative, operational and technical controls. Once assessment is complete, must create detailed reports and present findings to customers. This individual must have the ability to articulate security risk to both business and technical audience. Design secure networks that meet customer requirements. Serve as Information Security subject matter expert (SME) during sales process. Develop tools, templates and processes to continuously improve Security Advisory Services offering. Lead security incident management, security architecture and design efforts. Qualifications: Bachelor’s Degree in Computer Engineering, Information Systems, or related field from an accredited university. 2-5 years hands on experience as a security/penetration tester. Previous consulting experience desired. CISSP and CEH desired, GIAC certifications a plus. Must be proficient in technical security best practices such as OWASP Top 10 and SANS Top 20. Must have solid understanding of PCI, HIPAA, ISO, NIST and other security-related standards and frameworks. Must have solid understanding of Windows and Active Directory security. Plan, coordinate, and implement network security controls to protect information assets. Experience in performing security assessments, including network and application vulnerability assessment, network and application penetration testing, compliance audit, password audit, database security audit and comprehensive enterprise-wide security assessment required. Experience working with network switches, routers and firewalls. Must be open to local travel to client sites within the Chicagoland area. Must have excellent organizational and multi-tasking skills coupled with excellent verbal, writing, and presentation skills. Must have the desire to learn new technologies and skills to become a well-rounded engineer and consultant. Experience implementing security and related technology solutions, e.g. Active Directory, VPN, perimeter defenses (e.g. firewall, IPS/IDS), end-point security, anti-spam, content filtering, encryption and AAA. Computer forensics skills a plus. SWC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, gender, sexual orientation, gender identity or expression, gender transition, religion, national origin, marital status, age, disability, veteran status, genetic information, or any other protected status. Keywords: Penetration Testing, ethical hacking, exploit, PCI, HIPAA, network, engineering, forensics, security. Please visit our website to apply directly.
