Requirement for Sr Penetration Tester Job at Kairos Technologies, Plano, TX

RXV4cVkyTVVDM1V0VmJxbHpHMWMvZVpwelE9PQ==
  • Kairos Technologies
  • Plano, TX

Job Description

Hi ,

Please let me know if you're comfortable with the position detailed below. This position is an urgent hire.

Job Title: Sr Penetration Tester

Location: Plano, TX---Hybrid 3 days

Duration : 6-12 months Contract to hire

Only Locals

• Experience conducting manual API and mobile PenTest using burp suite. Proficient in understanding application-level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, authentication flaws etc.

Skilled in performing penetration tests on web APIs and mobile apps before release. MITRE ATT&CK working on Red Teaming TTPs and Threat Modelling.

Leveraging Bash, PowerShell and Python automation.

• API testing: Postman, SoapUI, Crackmapexec, Hash cat, Responder, Bloodhound, Impacket, Postman

Performing manual testing and identifying vulnerabilities such as Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), SQL Injection, privilege escalations, authentication weaknesses, access control weaknesses, use of insecure cryptographic protocols, security misconfigurations.

Summary

Within the Cyber Fusion Center, the Offensive Security Team continuously evaluates PepsiCo's cyber security posture through penetration tests and red team engagements to proactively identify gaps and drive mitigations to minimize PepsiCo's cyber risk exposure.

Responsibilities

• Conduct penetration tests across Web applications, APIs, Mobile applications, infrastructure, cloud environments, and devices.

• Conduct red team engagements across complex environments (including operational technologies).

• Drive all phases of penetration tests and red team engagements, including Scoping, planning, communications, timelines, and execution of key activities (reconnaissance, vulnerability identification, exploitation, and reporting)

• Develop in-depth reports (issue, severity, impact, remediation recommendations) for penetration tests and red team engagements.

• Develop tools and techniques to automate, scale, and accelerate adversary emulation capabilities and vulnerability discovery.

• Develop exploits and POCs to evade defensive countermeasures and emulate threat actor TTPs.

• Establish and mature team documentation, processes, procedures, and team KPIs.

• Mentor penetration testers, red team members, and other functions where needed to drive unified and holistic outcomes.

• Manage third-party pen test and red team engagements to ensure high-quality products and deliverables

• Support offensive security research, innovation, and testing across emerging capabilities (e.g. AI, LLM, ML, NLP, Smart Contracts, etc.).

Accountabilities

1. Execute on projects, objectives, and deliverables in alignments with team vision, mission, and goals.

2. Routinely develop and update offensive security documentation, processes, and technologies to adapt to emerging threat landscape.

3. Develop automation to scale global offensive capabilities and operational resiliency.

4. Collaborate with partner teams, service owners, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings.

5. Create and deliver trainings; and participate in security reviews, audits, on-site engagements, and support incidents after-hours when required

Years of experience

5+ years of experience in a technical security role (e.g. Penetration Testing, Red Team, Application Security, Infrastructure Security); or master's degree in computer science/engineering or related cyber field, and 2 years of relevant experience.

Mandatory Technical Skills

1. Advanced knowledge of security tools (Burp Suite, Metasploit, Cobalt Strike, Empire, Nmap, bloodhound, etc.) and multiple operating systems (e.g. Windows, Linux).

2. Proficient in at least one scripting language (Python, bash, PowerShell) or one programming language (Java, C#, C++).

3. Experience in multiple security domains (e.g. Network security, Application Security, Infrastructure Security, Cloud Security, Security operations).

4. Experience in aligning threat and vulnerability management efforts to frameworks and control objectives - MITRE ATT&CK, NIST CSF, ISO27001, CIS, OWASP.

5. Familiarity with defensive and monitoring technologies such as Intrusion prevention/detection systems (IPS/IDS), Web application firewalls (WAF), security information and event management systems (SIEMs), and endpoint detection/response (EDR) tools, as well as user and entity behavior analytics (UEBA).

6. Experience in developing offensive security tooling and automation is a plus.

Laxman Andoli | Lead – TAG | Kairos Technologies Inc

M : 972.848.7314 | O: 214.389.5616 Ext 302 | E:  [email protected]

 

Job Tags

Contract work, Local area, Immediate start,

Similar Jobs

American Fortune Cookie

VIDEO CONTENT PRODUCER Job at American Fortune Cookie

 ...Video Content Producer American Fortune Cookieis looking for an experienced, strategic, and organized individual to join our team as a Visual Content Manager. American Fortune Cookie is a marketing agency. Our success is made of insight-driven campaigns and collaborative... 

BrandMinded™ Digital Marketing

Content Strategist Job at BrandMinded™ Digital Marketing

Content StrategistAre you a content marketing aficionado with a passion for crafting compelling messages that leave a lasting impact...  ..., and optimized for SEO..~Copyediting and Proofreading: Review and edit blogs, social media posts, website copy, emails, and other... 

West Suburban Medical Center, LLC

Registered Nurse (RN) - Interventional Radiology Job at West Suburban Medical Center, LLC

 ...established procedures in accordance with the organizations and the nursing division policies, procedures and standards of care. The RN...  ...Nurse Practice. Evaluates the effectiveness of nursing interventions. Modified the plan of care focusing on age and development... 

New Orleans Aerial Tours and Flight Training LLC

CFI/CFII/MEI & Commercial Tour Pilot (up to $27 per hour) Job at New Orleans Aerial Tours and Flight Training LLC

 ...enthusiastic. And we're fun! At NOAT&FT we work hard to see our students succeed. We are looking for outgoing, dependable, and adaptable pilots that have a passion for safe aviation (flying and teaching). What would you think if your workday went like this? Your first... 

Healthcare Recruitment Counselors

Chiropractor Job at Healthcare Recruitment Counselors

Chiropractor Hurst, TX 76054 (10 miles from Fort Worth, Texas and 25 miles from Dallas) Are you looking for an Integrated office where Medical / Chiropractic / and Rehab team come together? A place where a team creates treatment plans for the best possible outcomes for...