Associate Offensive Cybersecurity Engineer - Application Focused

What will you be doing?
Evolve Security is looking for an Web and Mobile Application focused Associate Cybersecurity Engineer to join our growing team. This position will assist with the overall successful delivery of various application vulnerability assessments, continuous internal / external penetration assessments, incident response and detection assessments, and other types of security strategy services and architecture reviews.
Responsibilities include:

Providing cybersecurity guidance and strategy to Evolve Security clients
Performing technical network penetration testing and application security assessment projects
Assisting with building internal Evolve Security processes, procedures, templates and methodologies
Assisting with development of technology that supports the delivery of cyber security services
Other duties as assigned to help support the growth and expansion of enterprise and academy initiatives
Requirements
Are you the right fit?
Passionate about cybersecurity with a curiosity to learn
1+ years of information technology experience, ideally with a focus on information security
At least 1 year of experience in web application and mobile app penetration testing in a consulting role
Strong understanding of web application and mobile app security principles and common vulnerabilities
Familiarity with common penetration testing tools such as Burp Suite, Acunetix, Nessus and Metasploit
Knowledge of multiple operating systems (Windows, macOS, Linux)
Knowledge of the application stack including, web, mobile and API
Experience with a variety of database technologies such as MSSQL, MySQL, and MongoDBFundamental knowledge and understanding of networking technologies (IP, TCP, UDP, etc.)
Scripting experience in one of your preferred scripting languages
A desire to tinker and understand how things work
Ability to interface with clients, utilizing consulting and negotiating skills
Strongly self-motivated and able to work independently towards team objectives
Strong communication skills (oral and written) and ability to work as part of a team
Preferred Qualifications
Hold at least one of the following certifications:
PJPT, PNPT, OSCP, BSCP, CEH, GWAPT, eCPPT, CRTO, GPEN, Security+, ESCP, OSWA, OSWE
Experience developing web applications, thick clients or mobile apps
Experience with common web frameworks (Angular, React, and others)
Actively engages in the community and personal skill development through activities such as:
contributing to open-source projects on GitHub, writing about security topics, participating in CTF competitions, engaging with online cybersecurity labs like HackTheBox and TryHackMe, maintaining a personal home lab to sharpen practical skills, and regularly attending meetings of local cybersecurity groups.
Skilled in functioning effectively within the major cloud platforms
Benefits
Why join us?
Progressive startup culture in a high growth organization, with minimal bureaucracy
Engage in a fast-paced and challenging environment with opportunity to grow your talents
Evolve Security Academy cybersecurity training
Paid Company Holidays
Healthcare Benefits
401(k) plan with Employer match
Parental Leave
Flexible Paid Time Off
Annual vacation reimbursement
Education/conference budget
Who is Evolve Security?
Evolve Security is a technology driven cybersecurity services firm headquartered in Chicago, IL. We are dedicated to improving our client’s security posture by providing Continuous Penetration Testing, training services, and talent solutions.
In addition to our professional cybersecurity service offerings, Evolve Security offers a cybersecurity bootcamp, “Evolve Academy”, currently ranked the #1 cybersecurity bootcamp in the world. The Cybersecurity Bootcamp in Chicago provides immersive training, giving students the concrete and practical skills, needed on the job. Students gain real work experience through live security assessment work that they perform on not-for-profit companies.
We are passionate about directly improving our customers’ security posture, and we proudly train others to help meet the need for qualified cybersecurity talent.