Schellman is a leading provider of attestation and compliance services. Our professional services focus on security and privacy audits, assessments, and certifications. Schellman has become one of the largest cybersecurity assessment firms in the United States without providing any traditional accounting services, such as financial statement audits or tax preparation services, as other CPA firms. We are an accredited multi-framework ISO Certification Body for security, privacy, business continuity, and quality; a globally licensed PCI Qualified Security Assessor and a top provider to clients serving the federal DoD space as a leading FedRAMP 3PAO and the first assessment firm authorized as a CMMC C3PAO.
The primary responsibilities for this position will be leading network, application and mobile penetration testing, as well furthering team development and advancing the practice. Senior Penetration Testing Associates perform project execution and report preparation activities as the delivery lead on an engagement.
At least three years hands-on penetration testing experience
At least one year of web application penetration testing experience
Completion of the OSCP Certification
Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking challenges – SANS Holiday Hack, HackerOne CTF, HackTheBox.eu, etc.)
Degree in computer science or information technology
Competency in common operating systems (e.g. Windows, macOS, Linux)
Proficiency with at least two scripting languages (e.g. Python, Bash, JavaScript, PowerShell)
An understanding of cloud computing models, technologies and concepts
Knowledge of PCI and FedRAMP programs
A passion for identifying and exploiting vulnerabilities
Demonstrated entrepreneurial abilities, client focus, industry savvy, and the ability to work independently or as part of a collaborative team
Self-driven in a remote working environment, motivation to continuously improve your skillset
6 Problems Penetration Testers Face (and How Schellman is Solving Them)
Schellman is an equal opportunity employer (EOE) and strongly supports diversity in the workplace; therefore, providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. Schellman uses E-Verify in our hiring process.
At Schellman, we strive to provide a flexible and balanced environment and therefore offer the opportunity to work remotely, unless otherwise stated in the job requirements. Connecting, collaborating and continuous education are also highly valued and therefore we require approximately 20% travel annually for our Operations roles, which can include in-person training, team meet-ups, and strategy meetings. Service Delivery team members will also be required to travel based on business and client needs.
Click the video below to learn more about our Senior Penetration Tester roles!