We are the leading provider of professional services to the middle market globally. The Cyber Testing Director will support RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology, and management consulting, tax, and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day.
Requirements
- Bachelor or Master degree in computer science or related field with a minimum of 10 years in cyber security domain
- Technical background in networking/system administration, security testing or related fields
- In-depth knowledge of TCP/IP
- Good knowledge of Perl, Python, Bash, or C experience
- Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.)
- Configuration and Security experience with firewalls, switches, routers, VPNs
- Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
- Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
- Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.)
- Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.)
- One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc.)
- In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals (CISSP); Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM)
- Strong leadership and communication skills, technical knowledge, and the ability to write at a 'publication' quality level in order to communicate findings and recommendations to the client's senior management
- Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices
Benefits
- Competitive benefits and compensation package
- Flexibility in your schedule
- Empowering you to balance life's demands, while also maintaining your ability to serve clients
