Senior Cybersecurity Penetration Tester

Principle Duties and Responsibilities: As a Penetration Tester on NIRT's Security Assessment team, you will participate in a variety of engagements and projects that will target and evaluate the cyber security posture of people, processes, and technology within the Federal Reserve System. On these nationwide projects, you will be using a variety of tools and techniques that include penetration testing, red teaming and, social engineering as well as having the opportunity to combine your technical expertise with your imagination to discover innovative methods for ensuring that the Federal Reserve System remains one step ahead of its adversaries around the world. Required Technical Skills: Must be a U.S. citizen and able to obtain and maintain a National Security Clearance. 7-10 years of overall experiencepreferred, approximately 2-5 years of experience in cybersecurity assessments. Penetration testing experience with web applications, operating systems, network protocols, wireless, mobile, databases, middleware, etc. Experience testing web applications for common web application security vulnerabilities including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues. Hands-on experience with commercial and open-source cybersecurity tools such as proxies, port scanners, vulnerability scanners, exploit frameworks (ex: Burp, Nessus, Nmap, Metasploit, Cobalt Strike, Empire, etc.). Experience in programming languages such as Python, JavaScript, C#, PowerShell, Bash Scripting, etc. Must be able to demonstrate a level of familiarity with real-world vulnerabilities, exploits, and payloads. Demonstrated ability to work on multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment. Team player with excellent consultative skills, and the proven ability to work effectively with client, internal management and staff, vendors and consultants.  Develop comprehensive and accurate reports and presentations for both technical and executive audiences   Additional Skills:  Specifically seeking a hybrid candidate who is comfortable in both Penetration Testing and Red Teaming. Developing, extending, or modifying exploits, shellcode or exploit tools Must be able to demonstrate a level of familiarity with real-world vulnerabilities, exploits, and payloads Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff Education/Certifications: Bachelordegree in Information Technology/Computer Science, and/or equivalent work experience The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service. 257798
Salary Range: NA
Minimum Qualification
8 - 10 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.