Security Engineer

MAD Security is seeking a highly motivated and passionate penetration- testing engineer to be a part of our offensive security services and take them to the next level.

As a Security Engineer at MAD Security, you will conduct regular penetration tests, application assessments, red team exercises, and vulnerability assessments.  You will be working side-by-side with a highly focused and motivated team that is constantly striving to reach a higher level of excellence and improve upon their skillsets.  One of the most, if not THE most important requirements for this position is to possess an overly passionate enthusiasm for working with our great team in a collaborative environment and believing in the MAD Security mission.  

Essential Duties and Responsibilities:

• Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessment, and social-engineering assessments
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences
• Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
• Recognize and safely utilize attacker tools, tactics, and procedures
• Develop scripts, tools, or methodologies to enhance red teaming processes
• Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff

Candidate Requirements:

• Ability to travel up to 30%
• Ability to prioritize and re-prioritize tasks in a rapidly changing environment.
• Strong written and verbal communication skills and a solid understanding of IT Security concepts to include security operations.
• Strong experience with auditing networks, web, and application security environments.
• Expert level of experience with Cobalt Strike and/or Metasploit, Burp Suite, and other standard Kali assessment applications and scripts
• Knowledge of network protocols, data flows and vulnerabilities.
• Knowledge of PCI, NIST, and other industry compliance standards.
• Able to collaborate with other team members and groups, manage competing priorities, and possess strong customer focus.
• Knowledge of typical attack vectors and system penetration techniques.
• Experience with scripting and programming languages, such as Perl, Python, Ruby, PowerShell, PHP, Bash, etc.
• Ability to customize existing tools and write own tools a desired capability.
• Ability to work independently and complete required tasks with minimum supervision.
• Ability to maintain and improve skills through both structured training and independent research.

Education/Certifications

Bachelor’s Degree in Cyber Security, Information Assurance, Computer Science or other related field

Possess industry standard certifications related to information security and specifically penetration testing, vulnerability assessments and information security auditing (CISSP, CEH, LPT, GIAC, OSCP)

Required experience:

• Offensive security assessments, penetration testing and vulnerability Assessments: 3 years
• Vulnerability and risk management services, networking and information system environments: 3 years