Continuous Penetration Testing Analyst at Bishop Fox

We are the trusted advisors to the world’s leading businesses, governments, and organizations – helping to secure their networks, data, and applications. Whether they’re looking to safeguard their critical infrastructure or credit cards; social media or mobile games; flight navigation systems or frozen waffle factories — we’re right there, advising every bit of the way.

We are launching a new service line, so we are bringing a few good continuous penetration testing analysts aboard to shore up our team.

Who You Are and What You’ll Do

You fancy yourself a pentester. You know your way around source code. You’ve plundered apps and pillaged networks (legally, of course). You have a passion for hacking and information security. If you’re not already doing it professionally, you’re pen testing in your free time.

As a Bishop Fox continuous penetration testing analyst, you’ll use automation technology along with manual vulnerability analysis to constantly evaluate the security posture of an organization’s entire external perimeter. You’ll work in a small agile team to quickly triage client requests, integrate emerging real-world attack techniques, and constantly improve your capabilities and technology. All the while, you’ll be performing real-time analysis of newly-created or modified assets at scale and providing clients with continuous delivery of your findings.

Why Bishop Fox

We believe that what we do makes an impact, and our culture reflects it in the best possible way. Every one of us plays a role in our success. We value our time and our well-being, we love what we do, and we look out for one another. Bishop Fox offers competitive salaries, flexible schedules, and a one-of-a kind environment. For the right candidate, it will feel like a second home.

Your Education and Experience

You just have to be good at and, most importantly, love what you do. Don’t worry about a piece of paper; we won’t. Here’s a list of qualities we’re looking for, but don’t think that you need them all:

  • Network penetration testing
  • Web application penetration testing
  • Open-source intelligence gathering (OSINT)
  • Scripting/programming skills (e.g., Python, Ruby, Java, JS, etc.)
  • Red teaming
  • Strong communication skills (i.e. written and verbal)
  • Understanding security fundamentals and common vulnerabilities (e.g. OWASP Top Ten)
  • 2 - 5 years of application security experience
  • Additional experience in IT, security engineering, system and network security, authentication and security protocols, and applied cryptography
  • Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Experience with Agile workflows, such as Kanban, is strongly preferred
  • Advanced relevant academic training is a definite bonus

Candidates across the country are welcome to apply.

Interested? Apply today.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin.