Offensive Security Consultant

Location: Physical location anywhere in the continental US.

Work Options: Remote (with some travel expectations to client sites)

Typical Day in the Life

An Offensive Security Consultant at Eide Bailly is a highly skilled, consultative penetration tester capable of performing in-depth network and application assessments as well as social engineering. This position works both independently and as a part of a team to provide maximum value as to Eide Bailly's customer base. As an Offensive Security Consultant you will contribute to the overall success of the team and the development of the services and practices withing the Cybersecurity Team. You understand the technical and non-technical issues and challenges our clients are facing and use this knowledge and your experience to identify weaknesses and provide remediation guidance and solutions that align to each organization's objectives and needs. A typical day as an Offensive Cybersecurity Consultant may include:

• Effectively deliver offensive security assessments of internal/external networks, web applications, social engineering (phishing/vishing/SMShing/physical), Wireless Security Assessments, and Hardware security assessments.
  
• Clearly Document and deliver reports to clients in a presentation format and fluently talk through the risks of each vulnerability and the pertaining remediation guidance
  
• Chain vulnerabilities and utilized know/developed code to exploit vulnerabilities to determine severity and priorities of the assessment findings
  
• Research, develop, and test new concepts to find bugs and vulnerabilities throughout different software/hardware/operating systems and work with Eide Bailly to responsibly disclose any findings.
  
• Review and provide Quality Assurance of others reports prior to sending to clients
  
• Document and publish any research of new tools and tactics developed internally
  
• Manage and maintain offensive security lab and equipment.
  
• Cultivate new and existing client relationships to identify technology and security opportunities with clients and prospects based on business and technology conversations
  
• Assist in developing Statements of Work by defining scope, approach and estimated work effort to support our clients' needs
  
• Provide technical mentorship and leadership to grow technical staff knowledge and experience
  
• Maintain awareness of technology trends and issues to apply that knowledge to client issues and solutions.
  
• Apply advanced subject matter knowledge to complex security and technology issues
  
• Assist is cross functional delivery of services including Incident Response and cybersecurity assessments.
  

Who You Are

• Minimum two (2) years of experience performing Vulnerability Assessments, Penetration Tests, Wireless Security Assessments, Web Application Assessments and/or Social Engineering across multiple clients.
  
• Minimum three (3) years of experience in a consulting services role, or related information security positions
  
• Bachelor's degree in computer science, management information systems, infrastructure security or related area of study preferred or related experience and training
  
• Security and Technical industry certifications a plus (CISSP, OSCP, OSCE, CEH, GPEN)
  
• In Depth Experience with penetration testing tool stack (i.e. Nessus, OpenVas, Qualys, Burp, Nmap, Kali, Metasploit, Meterpreter, Wireshark, etc.)
  
• Knowledge of programming languages (i.e. Python, Ruby, C/C++, etc.) for review and creation of security tools
  
• Deep knowledge of penetration testing methodologies
  
• Excellent understanding of IT protocols, network architectures, Operating Systems, technologies such as TCP/IP, OSI model and various other protocols, tools and methods
  
• Organized and meticulous with the ability to self-manage multiple engagements and maintain a professional attention to detail, navigating through any difficult situations that may occur
  
• Ability to identify your audience and speak in technical and not technical conversations, conveying security concepts without overwhelming your audience
  
• Ability to work both independently as well as on teams
  
• As a collaborator and leader, you are able to integrate feedback and provide constructive feedback to others to assist in improving processes and methodologies
  
• You are a researcher at heart, diving into new concepts and technologies and documenting your findings in whitepapers and our web insights/blogs and delivering presentations at conferences and webinars.
  
• Reverse engineering/Binary analysis experience a plus
  
• Excellent communication and collaboration with team members, practice areas and clients
  
• Obtain additional certifications as needed
  
• Travel up to 10% possible
  

Must be authorized to work in the United States now or in the future without visa sponsorship.

Culture at Eide Bailly

Integrity. Meaningful Relationships. People. Authenticity. Trust. That's how we work.

Eide Bailly is one of the top 25 CPA and business advisory firms in the nation. Our people are the foundation for our success. People join Eide Bailly for the opportunities and stay because of the culture. We're focused on building a collaborative workplace based on integrity, authenticity, and support for one another. You'll find opportunities for education and career growth, a team dedicated to your growth and success, and benefits that put you and your family's needs first. Hear what our employees have to say about working at Eide Bailly.

Compensation

Base salary range: $95,000 - $130,000

Our compensation philosophy emphasizes competitive and equitable pay. Eide Bailly complies with all local/state regulations regarding displaying ranges. Final compensation decisions are dependent upon factors such as geography, experience, education, skills, and internal equity.

Benefits

Beyond base compensation, Eide Bailly provides benefits such as: generous paid time off, comprehensive medical, dental, and vision insurance, 401(k) profit sharing, life and disability insurance, lifestyle spending account, certification incentives, education assistance, and a referral program.

Next Steps

We'll be in touch! If you look like the right fit for our position, one of our recruiters will be reaching out to schedule a phone interview with you to learn more about your career interests and goals. In the meantime, we encourage you to learn more about us on Facebook, Twitter, Instagram, LinkedIn or our About Us page.

For extra assistance in your job search journey, explore EB Career Resources-a complimentary external tool that offers career exploration, resume workshops, interview prep and other professional development options.