Offensive Security Consultant - Remote from Jacksonville, FL or Charlotte, NC

Secure Ideas
USA


Secureideas.com

 

About

Founded in 2010, Secure Ideas is a woman-owned, small-business consulting firm. An industry leader in security consulting, training, and penetration testing, Secure Ideas is continually striving to improve the state of the art and practice of information security. Our focus is collaborating with clients to improve their security management, and reduce the risk of potential losses through a proactive approach. Having architected security solutions for large enterprises, and performed penetration testing for numerous industries from government agencies to Fortune 100 companies, we are adept at assessing client needs, comprehending complex details on new technologies, and identifying risks to organizations.


Our team of professional security consultants has more than 170 years of combined experience, with core competencies in:

  • Web Application Penetration Testing
  • Mobile Device and Application Penetration Testing
  • Network Penetration Testing – Internal, External, Wireless
  • Security Architecture Reviews
  • Risk Assessments
  • Social Engineering and Social Networking Assessments
  • Physical Security Assessments
  • Security Policies and Procedures
  • Vulnerability Management
  • Information Security Governance
  • Information Security Training and Course Development


Technical knowledge in development, operating systems, databases, network security, storage, messaging, active directory, application security, wireless security, security controls, and much more.


From open-source projects such as SamuraiWTF and Weaponized Flash, to training classes such as Security 542 and 642 from SANS, Secure Ideas involves themselves in all facets of a security program, and can help you move your organization further into the future.


HQ: 3412 Kori Rd., Jacksonville, FL 32257

Remote Sites in Ft. Mill, SC (Charlotte), Tulsa, OK and Michigan, Dallas, Salt Lake City, Georgia, NC, SC, and Canada

 

Why Secure Ideas?

Asymmetric Talent Solutions has partnered with information security companies from small business to enterprise, across a myriad of industries. We serve as the premier talent partner of Secure Ideas and their customer base simply because they are awesome, ethical, and unique. We believe (through experience) Secure Ideas is an amazing employer who truly cares for their employees more than anything else, period. We look forward to discussing them with you!

  • Well regarded company to launch career into Penetration Testing
  • You will partner with and learn the right way of doing things as an ethical hacker, develop great habits, and learn from some of the best
  • Incredibly unique and truly fun culture
  • Exciting work
  • Focus on community as an influential contributor
  • Excellent employee retention and growth
  • Excellent pay and benefits
  • Employees actually come first


Offensive Security Consultant

Location

This role is 100% remote but candidate location is highly preferred to be in:

  • Jacksonville, FL or
  • Charlotte, NC


Travel

Travel up to 30%

Travel will be paid for by company entirely including food.


Hours - Normal business hours


Overview

The Security Consultant at Secure Ideas works with clients to provide risk-based assessments,

penetration testing, and general security consulting services. Consultants engage in a wide range of assessments including network, web application, mobile, and physical penetration tests, architecture reviews, vulnerability assessments, and more depending on the needs of the client. They are expected to be flexible and adept at assessing client needs, comprehending complex details on new technologies, and identifying risks to the organization.

 

This is a full-time employee who is looking to grow long-term with the development of our company, to expand not only the individual skill set but also promote the growth of Secure Ideas. This position is generally a remote position working from a home office with travel to client sites as required and reports to one of our Principal Security Consultants. Opportunities are available to work out of the Secure Ideas HQ if the employee is located in Jacksonville, FL, or in our coworking facility in Charlotte, NC. This position has the potential for upward mobility in a variety of areas based on individual and company success.

 

Essential Characteristics

A successful candidate will reflect self-sufficiency, innovative thinking, professional communication – both written and oral, flexibility to assist where needed, as well as be a self-starter with a desire to be a part of a bigger team, and a desire to learn and teach others. The ability to communicate with technical, management, and executive level personnel, as well as manage his/her own time successfully are absolute necessities.

 

Additional qualities reflected in successful Security Consultants are:

  • Self-driven
  • Results-oriented with a positive outlook
  • Clear focus on high-quality work and business profit
  • Forward planner who can critically assess own performance
  • Mature, credible, and comfortable in dealing with clients’ senior executives
  • Reliable, tolerant, and determined
  • Empathetic communicator, able to see things from the other person's point of view
  • Well-presented and businesslike
  • Sufficiently mobile and flexible to travel up to 30% of the time
  • Interested in new experiences, and taking responsibility for their career

 

Essential Job Responsibilities

  • Perform security consulting services, including but not limited to pen testing (mobile,
  • physical, web, network, and social), architecture reviews, secure code review, general security consulting
  • Produce reports and deliverables for clients
  • Conduct field-appropriate research
  • Participate in company-internal projects promoting the growth of Secure Ideas

 

Additional Job Responsibilities

  • Promote Secure Ideas through its social media feeds. This includes actively generating
  • content in the form of blogs and video content, Tweeting, Facebook, and LinkedIn.
  • Actively participate in internal calls and communications
  • Maintain customer relationships through regular communication
  • Follow company policies and practices to promote a smooth flow of operations
  • Participate in internal projects, which may include research, development, writing,
  • marketing, back-end support, software development, etc.
  • Be proactive in performing security research and sharing the information with the team
  • and the public
  • Secure Ideas provides an open phone line to the public for emergencies. While this is called “on-call”, expectations to serve inbound inquiries are during normal business hours and answered by all employees. These inbound actions can range from:
  • “911” calls from customers or cold leads
  • Reports out for review for finalization prior to client distribution
  • Mentoring junior staff


Essential Knowledge Skills and Abilities

  • Understanding modern computer network threats, attacks, and defenses
  • Solid working knowledge of various security related industry regulations (ie: HIPAA, PCI,
  • Sarbanes-Oxley, etc)
  • Knowledge of foundational IT concepts including networking, operating systems, and
  • programming
  • Application, operational, and/or development backgrounds
  • Excellent written and verbal communication skills
  • Strong interpersonal skills
  • Ability to work effectively with small teams in a virtual environment
  • Proven ability to succeed in a fast-paced, ever-changing environment
  • Timeliness
  • Integrity – past and present
  • Ability to multitask under pressure
  • Good sense of humor


Desired Knowledge Skills and Abilities

  • Programming in various languages (Node, Python, JavaScript preferred)
  • Knowledge of Mac OSX, Windows and Linux
  • Experience with BurpSuite Pro and web application testing
  • Experience with network penetration testing tools and techniques
  • Systems Administration of both Windows and Linux systems
  • Knowledge of networking

 

Standout Experience

  • 5+ years of software development
  • Actively contributing to open-source via Github
  • Experience in corporate environment
  • Experience building “systems” (purposely vague)
  • Software development background (fluent in multiple languages highly preferred)
  • Advanced understanding of how the web works
  • Genuine interest (proven by clues of action) of looking to transition into information security
  • Foundation (minimum conceptual understanding) of IT Security principles

 

Exposure

As an offensive security consultant, you will leverage a myriad of tools, based on each scope of work. Tools and areas of focus you will likely be exposed to include but are not limited to:

 

  • Enterprise SIEM solutions
  • IDS/IPS solutions
  • Nessus, Qualys, BurpSuite, OpenVas
  • nMap, MassScan, MetaSploit, Nikto, EyeWitness, Kismet

 

Workflow

Security consultants are assigned projects through the project management team. Your capacity will be dually managed by your PM partners but you will have the ability (not expectation) to identify opportunities with your current clients, inbound inquiries, and more and partner with the team for presenting solutions and scheduling. Consultants are paid for closed leads across all services, but are not expected to sell or manage leads. For each commitment, Secure Ideas follows a simple process:

  • Discovery/Scope
  • Follow up with suggested solutions
  • Create Statement of Work or Master Service Agreement
  • Schedule the work/Allocate resources
  • Kick-off

 

Team: https://www.secureideas.com/about-us

Executive Team

  • President
  • CEO
  • CIO

 

Security Consulting

  • (2) Principal IT Security Consultants
  • (4) Sr. IT Security Consultants
  • (4) IT Security Consultant

 

Solution Development

  • Sr. Security Consultant
  • IT Security Consultant
  • (2) Full Stack Developers


Project Management (3)

 

Marketing and Media (2)

  • Graphic Arts
  • Marketing Lead

 

Administration

Company Non-negotiables:

  • Pass criminal background check, back to 18 years of age
  • Required to have a dedicated work space
  • Willingness to travel
  • Morally okay with ethically hacking

 

Compensation:

  • Base Salary $75,000 - $90,000, 105k max
  • 10% off-hours differential (client driven, overnight or weekends) 
  • Quarterly profit-sharing bonus – weighted 50/50 on company and personal performance
  • Annual Review and performance increase
  • Leads incentives:
  • 4% payout to employees who manage clients through a Statement of Work for certain types of engagements. These include:
  • Consulting, such as Architecture Review
  • Penetration Testing Engagements
  • Private/Corporate Training
  • 2% payout to employees who manage clients for Test Credit contracts

 

Benefits (take effect 1st of the month following hire date)

  • Medical (Aetna)
  • FSA/HSA options
  • Dental/Vision (Aetna/Metlife)
  • Voluntary benefit elections
  • 401k match (100% first 3%, 50% 3-5%)
  • 4 weeks PTO (this increases to 5 weeks after 3 years tenure)


Non-Compete:

No non-compete post-employment, only during employment. For example, while you are an employee of SI you cannot pen test for anyone outside of your employment.


Interview Process

1.     Meet with Asymmetric Talent Solutions

 

2.     Technical interview with Secure Ideas

You will meet with 2 current security consultants and participate in a progressive technical conversation, looking to understanding technical experience and capability and gain and understanding of what you know about security. This is not a quiz or a test. Secure Ideas will be focused on your verbal acumen and ability to communicate and present information in a comprehensive manner.

3.      Meet Secure Ideas CEO and/or CIO for a conversation for overall mutual fit for the company



Work Authorization requires US Citizenship