Application Security Testing
Apply NowCompany: Cloud BC Labs
Location: Newfield, NJ 08344
Description:
Application Security Testing
Location: New Jersey
Red Team Testing:
10+ years of proven experience in red team operations, penetration testing, and vulnerability assessment
Strong knowledge of attack techniques, tactics, and procedures (TTPs)
Proficiency with red team tools (e.g., Cobalt Strike, Metasploit, BloodHound, etc.)
Familiarity with programming and scripting languages (e.g., Python, PowerShell, Bash)
Understanding of network protocols, operating systems, cloud security, and security technologies
Experience with social engineering and phishing campaigns
Knowledge of lateral movement and privilege escalation techniques
Understanding of cryptographic principles and secure communication protocols
Knowledge of threat modeling and risk assessment methodologies
Experience with incident response and forensic analysis
Proficiency with conducting advanced penetration testing and adversarial simulations to identify security vulnerabilities
Proficiency with developing and executing test plans, scripts, and procedures for red team operations
Working knowledge of regulatory and industry security standards (e.g. GDPR, HIPAA, PCI DSS, SOX, NIST, DORA and GLBA)
Working knowledge of penetration testing using industry best practices such as OWASP top 10, CWE/ SANS TOP 25 standards and Threat-Led Penetration Testing (TLPT)
Proficiency with documenting and reporting security issues and vulnerabilities, providing recommendations for remediation and demonstrating/ explaining to a wide audience
Collaborate with blue team (defensive) counterparts to improve overall security posture
Relevant certifications (e.g., OSCP, CRTO, CEH, CISSP) are a plus
Location: New Jersey
Red Team Testing:
10+ years of proven experience in red team operations, penetration testing, and vulnerability assessment
Strong knowledge of attack techniques, tactics, and procedures (TTPs)
Proficiency with red team tools (e.g., Cobalt Strike, Metasploit, BloodHound, etc.)
Familiarity with programming and scripting languages (e.g., Python, PowerShell, Bash)
Understanding of network protocols, operating systems, cloud security, and security technologies
Experience with social engineering and phishing campaigns
Knowledge of lateral movement and privilege escalation techniques
Understanding of cryptographic principles and secure communication protocols
Knowledge of threat modeling and risk assessment methodologies
Experience with incident response and forensic analysis
Proficiency with conducting advanced penetration testing and adversarial simulations to identify security vulnerabilities
Proficiency with developing and executing test plans, scripts, and procedures for red team operations
Working knowledge of regulatory and industry security standards (e.g. GDPR, HIPAA, PCI DSS, SOX, NIST, DORA and GLBA)
Working knowledge of penetration testing using industry best practices such as OWASP top 10, CWE/ SANS TOP 25 standards and Threat-Led Penetration Testing (TLPT)
Proficiency with documenting and reporting security issues and vulnerabilities, providing recommendations for remediation and demonstrating/ explaining to a wide audience
Collaborate with blue team (defensive) counterparts to improve overall security posture
Relevant certifications (e.g., OSCP, CRTO, CEH, CISSP) are a plus