About Genzeon
Delivering excellence in IT services and solutions for the retail and healthcare sectors. Genzeon is a leading provider of intelligent automation, security, compliance, cloud, and managed services. Our healthcare capabilities integrate data systems, facilitate information flow, and leverage interoperability to improve clinical and operational outcomes. Genzeon empowers retail enterprises with multichannel IT solutions that deliver a personalized experience for consumers.
Job Type: Permanent
Job Responsibilities
• Assist in scoping and executing prospective engagements
• Understand and safely use various open-source penetration testing tools and when appropriate, emulating hacker tactics, techniques, procedures
• While in-between assessments, you will be expected to improve any existing processes, develop tools
• Develop scripts, tools, or methodologies to enhance Geneon’s penetration testing processes
• Document security issues and impacts identified through penetration testing in a clear and concise manner to facilitate reporting to impacted stakeholders
• Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing
• Network penetration testing and manipulation of network infrastructure
• Web Application Penetration Testing
• Email, phone, or physical social-engineering assessments
• Shell scripting or automation of simple tasks using Perl, Python, or Ruby
• Detecting and exploiting security vulnerabilities in Azure infrastructure by simulating a controlled cyber-attack.
Desired Skills
• Ability to successfully interface with clients (internal and external)
• Ability to document and explain technical details in a concise, understandable manner
• Ability to manage and balance own time among multiple tasks.
• Developing, extending, or modifying exploits, shellcode or exploit tools
• Developing applications in C#, ASP, .NET, Objective C, Go, or Java (J2EE)
• Reverse engineering malware, data obfuscators, or ciphers
• Source code review for control flow and security flaws
• Familiarity with common security tools (e.g., Kali Linux, Metasploit, Burp Suite, etc.)
• Thorough understanding of network protocols, data on the wire, and covert channels
• Experience conducting assessments for solutions consisting of a variety of technology stacks and architectural implementations and hosting providers
• Exposure and understanding of enterprise solutions from a functional and security perspective
• Experience with Unix/Linux/Mac/Windows operating systems, including bash, PowerShell and mobile platforms.
• Strong understanding of network protocols and infrastructure
Desired Qualifications
• Bachelor’s degree (or equivalent) in a technical field
• 3-5 years experience
• Proficiency in at least one programming language (e.g., Python, Java, C++, etc.)
Certifications (Nice to Have NOT Must)
• CEH / GWAPT
• OSCE, OSWE, SANS
