Senior Penetration Tester
*Local to Raleigh, NC only please
*This is a hybrid position
*Occasional statewide travel may be required for this position
Description:
- Seeking a Senior Penetration Tester to conduct authorized network infrastructure penetration testing to identify validate demonstrate security weaknesses.
Responsibilities:
- Plan and execute internal and external penetration tests for network and infrastructure environments
- Perform vulnerability identification validation and controlled exploitation
Assess security posture across:
- Network devices firewalls routers switches
- On-premise servers and operating systems Windows Linux Unix
- Active Directory and identity infrastructure
- Remote access solutions and VPNs
- Cloud environments where applicable
Simulate advanced threat actor techniques including:
- Privilege escalation
- Lateral movement
- Credential compromise
- Persistence mechanisms
- Evaluate security configurations and control effectiveness
- Conduct testing in accordance with approved Rules of Engagement
- Prepare and deliver formal penetration testing reports suitable for executive audit and technical audiences
- Support remediation validation and follow-up testing as required
Required Skills/Knowledge/Experience:
- Minimum 7-10 years of hands-on experience in penetration testing or offensive security, Required 7 Years
- Demonstrated expertise in network and infrastructure security testing, Required 7 Years
- Strong understanding of: o TCP/IP, DNS, DHCP, VPN, firewalls, IDS/IPS o Windows and Linux system internals o Active Directory attack paths and defen, Required 8 Years
- Advanced proficiency with penetration testing tools such as: o Nmap, Nessus, Metasploit, Burp Suite o BloodHound, NetExec,PingCastel Analysis tools, Required 7 Years
- Experience producing standard penetration testing reports, Required 7 Years
- Familiarity with security frameworks and standards, including: o NIST SP 800-53, 800-115, 800-61 o MITRE ATT&CK o OWASP Testing Guide, Required 7 Years
- Experience working within regulated or high-security environments, Required 7 Years
- Strong understanding of legal, ethical, and compliance requirements for penetration testing, Required 5 Years
Proper email communication will only be done to and from @astyra.com email addresses. Please ensure you are communicating with approved Astyra recruiters by checking this point when receiving offers and messages from us. Please ensure you are communicating within these guidelines and proper channels for the quickest possible interview consideration!
#AC