Why Work for BreakPoint Labs?
BreakPoint Labs is growing quickly and constantly seeking enthusiastic cybersecurity professionals to solve its clients’ most technical challenges. Through an established corporate culture, BreakPoint Labs embraces a highly technical, ‘geeky’ workforce passionate about developing and leveraging technology to secure cyberspace.
If you are interested in joining the BreakPoint Labs Team, please submit a copy of your resume to firstname.lastname@example.org.
< BreakPoint Labs has an opening for a Penetration Tester, the individual will help perform adversarial emulation on traditional enterprise environments./>
- Assisting customers with penetration testing activities to include: Internal, External, Wireless, Social Engineering and Physical security testing.
- Maintain in-depth technical knowledge of adversarial activity in order to replicate similar tactics, techniques, and procedures (TTPs) during assessments.
- Assess customers security posture through the use of automated tools and manual techniques to identify, verify and exploit security vulnerabilities.
- Use creative approaches and techniques to identify vulnerabilities that are commonly missed in security assessments, and automated tools.
- Trigger vulnerabilities and identify specific, meaningful risks to customers based on business and mission impact to critical infrastructure/network environments.
- Provide detail-oriented technical assistance with remediation and mitigation efforts, often in the form of verbal and/or written communication to the customer.
- Create comprehensive assessment reports that clearly define vulnerability findings and all scoped requirements defined within the rules of engagement.
- Interface with client personnel and trusted agents to gather information, clarify scope and investigate security controls in depth.
- Five (5) years relevant experience.
- Linux and bash scripting preferred.
- Excellent problem solving skills and creativity.
- Excellent communication within a remote team environment and operations
- Experience with system/network monitoring and troubleshooting.
- Knowledge of modern assessment tools for offensive operations (Empire, Burp Suite Professional, Metasploit, Nmap, Nessus, sqlmap, Kali Linux, Cobalt Strike, Canvas, etc.)
- Experience leading a team / pentest project.
- Python programming experience (preferred).
- OSCP, and/or OSCE (preferred)
- Bachelor's Degree at a minimum (preferred) and 5 years relevant experience.
- Remote Position with travel as needed.
- An active DoD Security Clearance (preferred, or the ability to obtain a DoD Security Clearance).
Boundary Assessment Team (BAT) - Security Engineer (Remote Position)
<BreakPoint Labs is seeking a Boundary Assessment Team (BAT) Security Engineer!/>
- Perform remote external threat assessments for customer service delivery points and provide a written report of findings with recommended remediations as requested.
- Provide remote threat assessments to enumerate vulnerabilities and exploitable flaws from a blackbox/ Internet facing perspective without causing any negative impact to the target organization(s) and their system(s).
- Perform full scope web application penetration testing or vulnerability assessments for customers as requested.
- Validate the customer(s) attack surface utilizing best practices and identifying defensive capabilities within the customers current infrastructure.
- Coordinate, validate and assess any security flaws and issues reported by the DoD Bug Bounty program.
- Applying and developing the teams customized web pentesting methodology further with documented procedures and testing of tools, techniques and procedures (TTPs).
- Prepare technical assessment reports for cybersecurity personnel and system administrators, and conduct formal briefings for effective communication of system analysis results to leadership.
- Assess cybersecurity capabilities through validating and testing the functionality of ACAS, HBSS, IDS, etc. and reporting findings for tracking and closure.
- Bachelor's Degree and five (5) years Information Assurance (IA) or related experience.
- Certified as an IAT-II (CCNA Security, GICSP, GSEC, Security+ CE, etc.) within 60 days of hire.
- Certified as OSCP, GWAPT, GPEN (Preferred).
- Knowledge of vulnerability scanning and testing tools (Nmap, ACAS/Nessus/SecurityCenter, Burp Suite Professional, Acunetix, Metasploit, EyeWitness, Whatweb, SQLMap, Shodan, Censys.io, and other tools as deemed appropriate for the mission.
- Knowledge of common DoD Cybersecurity Technologies (ACAS, HBSS, IDS, etc.)
- Ability to adapt to new Techniques, Tactics, and Procedures (TTPs) associated with realistic threats to improve vulnerability findings.
- Understanding of common attacker TTPs in order to perform threat analysis during assessments.
- Experience troubleshooting and understanding vulnerability scanning, testing tools and manual testing techniques to determine vulnerability findings that are missed during external facing assessments.
- Bachelors Degree in Cybersecurity, Information Technology, Computer Science, or Related
- IAT-II Compliance. (Security + & CEH)
- Remote Position with less than 5% travel.
- Minimum of Secret Clearance Required.