ABOUT US:

Braintrust is a user-owned talent network that connects top-tier professionals with the world's leading enterprises. We prioritize transparency, eliminating middlemen and high markups, ensuring job-seekers are matched swiftly to innovative roles while clients benefit from unparalleled efficiency and quality.

ABOUT THE HIRING PROCESS:

The hiring process for this role involves completing your Braintrust profile, applying directly to the role on Braintrust, and undergoing a one-time screening to ensure you meet our vetted talent specifications. After this, the hiring team will contact you directly if they believe you are a suitable match.

Our process isn't for everyone, that's intentional. If you believe that you are a top candidate for this job, please join our network to give yourself the opportunity to work with top companies.

 

  • JOB TYPE: Freelance, Contract Position (no agencies/C2C - see notes below)
  • LOCATION: Albany, NY, Atlanta, GA, Buffalo, NY, Rochester, NY
  • HOURLY RANGE: Our client is looking to pay $75 – $85 /hr
  • ESTIMATED DURATION: 40h/week - Long term
  • EXPERIENCE: 3-5 years
  • BRAINTRUST JOB ID: 9529

 

THE OPPORTUNITY

Requirements

THIS IS A 6 MONTH CONTRACT WITH THE INTENTION OF CONVERTING TO FTE. PLEASE DO NOT APPLY IF YOU ARE NOT INTERESTED IN CONVERTING TO A FULL TIME EMPLOYEE

MUST BE LOCATED IN ONE OF THESE CITIES

ATLANTA, GA

ROCHESTER, NY

BUFFALO, NY

ALABANY, NY

Security Consultant - VAPT

Job Description

ProArch is a global IT consulting firm providing Security, Data, Application Dev, and Cloud services. Offices are located in the US, UK and India.

ProArch is seeking a highly skilled, seasoned, and motivated Penetration Tester to join our cybersecurity team. The ideal candidate will have a passion for identifying vulnerabilities, exploiting weaknesses, and helping organizations enhance their security posture. As a Security Consultant – VAPT at ProArch, you will play a crucial role in assessing the security of our clients' networks, applications, and systems. This position reports to the Director of Global Cybersecurity Services and will work collaboratively with other delivery managers, Solution Architects, and the CTO Office. Communication skills are essential as this position will be the technical contact point for team members and an escalation point for client relationships.

JOB RESPONSIBILITIES

  • Conduct comprehensive penetration testing and vulnerability assessments on computer systems, networks, and applications
  • Identify and exploit security vulnerabilities through manual testing techniques, automated tools, and other means.
  • Perform in-depth analysis of test results, documenting and communicating findings to technical and non-technical stakeholders
  • Develop and execute detailed test plans and methodologies for conducting penetration tests.
  • Collaborate with cross-functional teams, including developers, system administrators, and network engineers, to implement remediation strategies and mitigate identified vulnerabilities.
  • Manage project timelines, deadlines, and expectations – including client interaction.
  • Stay updated on the latest security threats, attack vectors, and penetration testing techniques, and continuously enhance knowledge and skills in the field of information security.
  • Assist in the development and improvement of security policies, procedures, and guidelines.
  • Mentor and provide guidance to junior members of the penetration testing team.
  • Participate in red teaming exercises and simulate real-world attack scenarios to assess the overall security posture of the organization. Having proficient knowledge in MITRE ATT&CK framework.
  • Maintain accurate and detailed documentation of testing activities, findings, and recommendations
  • Prepare reports documenting identified issues based on internal templates.
  • Interact with clients to deliver results, provide feedback, and remediation recommendations on findings.
  • Research emerging security topics and new attack vectors
  • Perform and review the hardening of the systems and network devices.
  • Manage project timelines, deadlines, and expectations – including client interactions.

What you’ll be working on

TECHNICAL SKILLS

  • Familiarity with Security Content Automation Protocols (SCAP), Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), or Common Platform Enumeration (CPE)
  • Experience creating/developing programs from scratch.
  • Experience drafting policies, Standards, and procedures
  • Penetration Testing in 3 or more of the following:
    • Web Applications
    • Network (Internal / External)
    • Active Directory
    • Mobile Applications
    • Cloud Environments
    • Phishing
  • Tools / Services:
    • NMAP
    • BurpSuite
    • CrackMapExec
    • BloodHound
    • Ansible
    • Terraform
    • Git
    • Microsoft Azure
    • Amazon Web Servicee
    • Google Cloud Provider

 

 REQUIREMENTS

  • At least 5 years of experience in penetration testing and vulnerability assessments, with a focus on web applications, networks, and infrastructure.
  • Must be proficient in python development. Proficiency in other scripting languages such as perl, ruby, etc. is an added advantage
  • In-depth knowledge of various penetration testing tools and frameworks (e.g., Kali Linux, Metasploit, Burp Suite, Nmap, Wireshark, etc.).
  • Strong understanding of common vulnerabilities and attack vectors (e.g., SQL injection, cross-site scripting, buffer overflows, etc.) and corresponding mitigation techniques.
  • Ability to correlate different threats like Ransomware, APT groups, Malware, Exploit Kits, etc.
  • Familiarity with industry standards and frameworks such as OWASP, OSSTMM, and NIST.
  • Experience with cloud platforms (e.g., AWS, Azure, Google Cloud) and related security controls.
  • Excellent analytical and problem-solving skills, with the ability to think creatively and strategically to find vulnerabilities.
  • Effective communication and presentation skills to convey complex technical concepts to both technical and non-technical stakeholders.
  • Development knowledge of common programming languages like java, asp .net, PHP, etc. would be an added advantage.
  • Excellent oral and written communication skills.

EDUCATION AND CERTIFICATIONS

  • Bachelor’s degree in computer science/Engineering/IT or significant demonstrable experience in IT/OT security
  • Must have leading Penetration Testing/Red Team Certifications such as CompTIA PenTest+, GIAC Penetration Tester (GPEN), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), Offensive Security Certified Professional (OSCP), CREST Registered Penetration Tester (CRT), Certified Red Team Operations Professional (CRTOP), EC-Council’s Certified Penetration Testing Professional (C|PENT) or other Penetration Testing certifications.

Apply Now!

Notes:

Our employers all have varying legal and geographic requirements for their roles, they trust Braintrust to find them the talent that meet their unique specifications. For that reason, this role is not available to C2C candidates working with an agency. If you are a professional contractor who has created an LLC/corp around their consulting practice, this is well aligned with Braintrust and we’d welcome your application.

Braintrust values the multitude of talents and perspectives that a diverse workforce brings. All qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status.

Apply for this Job

* Required
resume chosen  
(File types: pdf, doc, docx, txt, rtf)
Cancel
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)
Cancel
Our system has flagged this application as potentially being associated with bot traffic. Please turn off any VPNs, clear your browser cache and cookies, or try submitting your application in a different browser. If this issue persists, please reach out to our support team via our help center.
Please complete the reCAPTCHA above.