Careers

Senior Security Consultant

Position Description:
We are looking for security consultants with experience delivering exceptional client engagements including penetration tests, mobile and web application security reviews, vulnerability assessments, and wireless security reviews.

This is a work-from-home, remote position. We value our team and offer great benefits such as retirement match, medical/dental/vision, FLEX savings plan, and extensive PTO. We let consultants pick their own laptop with their choice of OS and tools, and we provide monthly cell phone reimbursement. Stratum Security is a technically driven organization. The core consulting team is built on senior-level consultants who have contributed to Black Hat, DEF CON, Shmoocon, and OWASP. It is a great environment for security geeks who are seeking to contribute and grow in an exceptional company.

Skills:
Application Security Testing – Experience running web application security scanners (e.g. WebInspect, AppScan, Cenzic, Netsparker, etc.) as well as intimate knowledge of client-side proxies (e.g. Paros, Burp, etc.), knowledge of input validation, session management, authorization flaws, web application frameworks, and complex enterprise applications.
Network Vulnerability Assessment and Penetration Testing – Experience running network vulnerability scanners (e.g. Nessus, Nexpose, etc.) as well as nmap, Metasploit, Python, shell scripting, Perl, etc.
(not mandatory) – Source Code Review/SDLC – Development skills, developing .NET, Java, C#, C/C++ and other enterprise code. Experience running Ounce and/or Fortify a plus. Understanding of enterprise software development, third-party products, and software security issues.

Qualifications:
3-5 years of information security consulting experience
Strong understanding of information technology security and concepts
Strong oral and written communication skills
Ability to pass standard background check and drug test

Contact Us: Send your resume to careers@stratumsecurity.com

About Stratum Security
Stratum Security is an information security professional services firm headquartered in the Washington DC Metro area. Founded in 2005, Stratum Security provides services to clients worldwide. Stratum’s core capabilities include network security vulnerability assessment and penetration testing, application and database security audits, security architecture, compliance (PCI, HIPAA, ISO, FISMA), and threat simulation. Our list of successful engagements ranges from large multi-national enterprises to small start-ups in a wide array of industries including finance, insurance, retail, hospitality, education, health care, government, technology, non-profit, energy, and telecommunications. Stratum Security is a privately-held small business.

Stratum Security’s sole focus is information assurance with an emphasis on identifying critical risk and building effective solutions. Our people have researched and identified various vulnerabilities and regularly speak at information security industry conferences.
Stratum leverages our deep assessment experience to provide innovative solutions that meet evolving threats. Our experts continuously identify new attack and threat vectors through our work with various organizations in the financial and technology sectors. The information is used to evolve our penetration testing activities to simulate evolving threats in order to assess organizations in a manner that best represents current threats. Recent areas of focus include spear-phishing, data exfiltration, mobile applications, and web-based applications.