Penetration Testing Associate

PENETRATION TESTING ASSOCIATE

Working at Drawbridge
At Drawbridge, we are committed to attracting and retaining the best individuals who enjoy working in a dynamic environment.   You will be joining an agile team that will help you at every level of your career to identify and use your strengths to grow. This is an opportunity to work at a company that is open to new ideas as we build a dynamic and diverse environment for our employees. The work will be challenging and rewarding.  You will gain hands on experience from a team who strives to see its employees succeed. 

Working in Client Advisory
You will be joining a team of technical consultants who have a passion for understanding and defending against emerging cyber threats.  Our clients rely on our expertise to help them navigate the constantly changing cybersecurity landscape, and our team of consultants pair their technical knowledge and industry insight to offer critical risk management advice. The technical advisory team works as a collaborative unit, with each member bringing a unique technical skillset to the table.

Our Values 

• Innovation: As the market leader, Drawbridge draws on its in-depth, collective expertise in its constant effort to innovate both our platform and our approach to service 
• Integrity: Our clients and partners lean on us because they know we are trustworthy and honor what we say 
• Collaboration:  We are here to win, and we only win when we work together across team 
• Diversity: We are inclusive. We honor, respect, and appreciate each other’s differences and perspectives 

In this role you will:

• Conduct internal and external network penetration tests.
  • Manage external and internal penetration testing engagements with clients, including scoping, testing, report compilation, and presentation.
  • Lead testing engagements, and act as a technical escalation point for junior testers on the team.
  • Conduct testing against Drawbridge systems and present findings to internal stakeholders.
  • Maintain tracking of internal tasks, provide status updates to clients, team members, and managers, and ensure open and consistent communication with all stakeholders.
  • Establish and maintain relationships with clients, IT providers, and other service providers.
• Compile and present assessment reports.
  • Develop and refine report templates for technical and non-technical clients.
  • Present findings and recommendations to C-suite executives.
  • Provide insight into vulnerability attack vectors and severity for technical teams (client internal IT or outsourced IT providers) to aid in remediation.
  • Analyze findings and provide recommendations based on industry best practices.
• Improve processes and contribute to overall improvements in client deliverables.
  • Continuously improve the organization’s penetration test offering, including reporting and process enhancements.
  • Develop repeatable and teachable processes for performing various testing tasks.
  • Provide advisory services to internal teams and clients related to risk assessment analysis, incident response, and cyber best practices.

You Have

• 3+ years of offensive security experience
• Experience performing Web Application Penetration Tests
• Knowledge of penetration testing principles, tools, and techniques (e.g., metasploit, neosploit, etc.), and the ability to identify systemic security issues based on the analysis of vulnerability and configuration data
• Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
• Experience with Linux and Windows operating systems
• Working knowledge of networking concepts
• Working knowledge of scripting languages (Python, Powershell, JavaScript, etc.)
• Strong ability to prioritize, organize, and multi-task in a fast-paced environment
• Ability to work effectively with all levels in the organization, and proven experience partnering with internal and external customers
• Strong team spirit, balanced by a healthy sense of autonomy
• Excellent written and verbal communication skills
• Excellent time management skills

Nice if you have

• Knowledge of IT infrastructure, Cloud Technology, Business Continuity, Disaster Recovery, and Incident Response
• Experience training junior team members on penetration testing concepts and tools
• Knowledge of hedge fund, private equity, or RIA operations/compliance

We Offer

• Competitive compensation package
• Employer 401(k) Contribution
• Benefits including Medical, Dental, Vision Coverage and Life Insurance
• Generous Paid Time Off Policy
• Employee Assistance Program (with focus on mindfulness and well-being)
• Life Insurance & Personal Accident Insurance
• Health Savings Account (HSA) or Flexible Spending Account (FSA)
• Healthy Work/Life Balance
• Exclusive Employee Offerings & Perks

Base Salary Range
$75,000 - $95,000

About Drawbridge
Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry. Its proprietary platform helps firms exceed and manage their governance, risk, and compliance (GRC) requirements while combatting sophisticated cyber threats and third-party risks. Drawbridge's platform connects business, compliance, and IT to empower firms to centralize and manage their most robust security programs, improve their risk profile, and raise institutional capital. With a tested team focused on value delivery and a 900+ strong customer base, Drawbridge offers unmatched customer service and flexibility to help businesses proactively manage vulnerabilities, plan for growth, and reduce complexity.  At Drawbridge, we are committed to attracting and retaining the best individuals who enjoy working in a dynamic environment

Our Hiring Process
We want to hire the most qualified individuals.  We have designed a multi-step selection process that may include interviews and assessments.  We render decisions quickly and we are eager to get to know you.


Affirmative Action and Equal Opportunity Employer
Drawbridge Partners, LLC is an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, non-disqualifying physical or mental disability, protected veteran status, or any other legally protected characteristic, in accordance with applicable law.  All employment is decided on the basis of qualifications, merit, and business needs.