Job Title: Penetration Tester
Department: Information Technology Division (ITD)
Job Summary: The Penetration Tester will oversee the timely and effective building and implementation of a penetration testing program from scratch. The project will only last 6 months, but there will be possibilities of future, long-term projects from the client. The primary role includes conducting a comprehensive security assessment, including penetration testing, vulnerability assessments, social engineering, and simulating real-world attacks to evaluate the effectiveness of our organization's security measures.You will be working in a world renown oil and gas company environment.
Key Responsibilities:
- Perform comprehensive security assessments, including penetration testing, vulnerability assessments, and social engineering to identify potential vulnerabilities in company’s infrastructure, systems, and applications
- Develop and execute detailed red teaming strategies tailored to the specific challenges and risks faced by the oil and gas industry, testing the effectiveness of our security controls in protecting critical assets.
- Collaborate with cross-functional teams, including operations, IT, and engineering, to identify and prioritize critical assets, systems, and applications for testing, with a focus on protecting operational technology (OT) environments
- Generate detailed reports outlining findings, recommendations, and remediation strategies to improve the overall security posture of our oil and gas infrastructure.
- Stay up to date with the latest hacking techniques, threat landscape, and industry best practices specific to the oil and gas sector, anticipating and mitigating emerging cybersecurity risks.
Qualifications:
- A Bachelor’s degree in Cybersecurity, Computer Science or equivalate degree from a recognized and approved program
- Minimum 5 years of experience in cybersecurity, vulnerability and penetration testing
- Proven track record of successfully identifying vulnerabilities and weaknesses in critical infrastructure, SCADA systems, and industrial control systems (ICS)
- Using specialized tools and protocols relevant to oil and gas cybersecurity, such as Wireshark, Modbus, DNP3, and OPC is preferred.
- You must have a strong knowledge of scripting languages (e.g., Python, PowerShell) for automation and tool development.
Certifications:
· Certified Ethical Hacker (CEH)
· Certified Penetration Tester (CPT)
· Offensive Security Certified Professional Certification (OSCP)
Work Arrangement:
This is a full-time, 100% on-site position. The project will last till January 2025 with the possibility of long-term opportunity at the end. The candidate must be able to adapt to a flexible work environment and maintain productivity.
Job Type: Full-time
Benefits:
- 401(k)
- 401(k) matching
- Health insurance
- Paid time off
Experience level:
Schedule:
- 8 hour shift
- Day shift
- Monday to Friday
Ability to Relocate:
- Houston, TX 77002: Relocate before starting work (Required)
Work Location: In person