Prosyntix is currently recruiting for a Manager - Technology, Cyber Risk with one of their clients in the professional services - tax and advisory industry. The ideal candidate will be CISSP, OSCP certified (or similar) and have a strong penetration testing background. This opening can sit in multiple locations, including (*in order of preference): Charlotte, NC* - Tysons, VA* - New York, NY* - Atlanta, GA - Dallas, TX. This is an opening for a full-time/permanent position.
Responsibilities:
Lead network penetration testing, web application testing, and social engineering engagements of client environments. Engagements require capabilities in the following areas:
Internal and external network testing
Web application penetration testing
Dynamic and static application code testing
Simulated phishing, voice phishing (vishing) and physical pretexting campaigns
Assist in the day-to-day management and operation of the cybersecurity testing lab and tools.
Interface with client project sponsors to establish project schedules and milestones, conduct meetings to regularly communicate project status, and address questions and concerns.
Clearly articulate the status and results of work performed, both orally and in written form, to internal management and client sponsors and executive management.
Produce detailed and clear report deliverables for client management by documenting issues identified, proof-of-concept, and clear recommendations for remediation of identified vulnerabilities.
Stay abreast of cutting-edge tools and testing techniques within the cybersecurity industry.
Advise senior management on the need for new testing tools and software and assist in the preparation of cyber team budgets.
Prepare and maintain proof-of-concept documentation,
Support non-cyber IT audit teams with understanding and assessing technical concepts: reviewing documentation, preparing technical assessment/audit work programs, and making recommendations for enhancing IT audit procedures.
Coach and develop other cybersecurity team members in assessment methodology and teach use of technical tools and industry standard approach to technical testing.
Operate effectively and with minimal supervision, within a team or independently, performing special projects and related duties, as assigned.
Pursue continuous professional development by identifying new opportunities to assist current and prospective clients with cybersecurity assessments, prepare detailed proposals, and consider risk management processes for performing new assessments.
Qualifications:
Minimum of 5 years of demonstrated experience in penetration testing and technical assessment in the following domains required:
Internal and external network (OSI Layer 1 – 4) penetration
Wireless networks
Dynamic and static web application code
Penetration testing of systems hosted within AWS, Google Cloud, and Microsoft Azure
Windows and/or Linux system administration and secure configuration
Mobile applications
Industry professional certification (CISSP, OSCP, CEH, Security+, etc.) required.
Bachelor’s Degree in Cybersecurity, Computer Science, MIS, Information Security, or a related discipline preferred.
Fundamental understanding of common security risk and compliance frameworks, including NIST 800-53 controls, the NIST Cybersecurity Framework, HIPAA, PCI, and CIS Critical Security Controls preferred.
Strong conceptual thinking aptitude required.
Strong interpersonal skills, including written and verbal communications, a willingness to assist in areas outside of direct assignments when necessary, and a commitment to self-improvement and professional development.
Willingness to work toward achieving additional professional cyber credentials is required.
Ability to travel up to 60% annually, primarily in the southeastern United States, preferred.