Security Specialist- Technical


Cybersecurity Services Manager, Technical Team



Start Date:


Travel Requirements:

Up to 65%

Position Description

The Security Specialist provides foundational business-focused cybersecurity solutions, including risk assessment, governance, data classification, policies, controls and procedures, awareness, vendor risk management, and incident response. Other responsibilities include leading delivery of client solutions and acting as a trusted advisor to help solve business-critical problems. This position is a critical member of a cybersecurity-focused business solution team, composed of capable and high-caliber cybersecurity professionals.

Position Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Perform external, internal, and wireless network penetration tests
  • Perform physical and social engineering penetration tests
  • Perform web and mobile application penetration tests
  • Produce detailed findings and recommendations, and deliver those findings to senior management, board members and key stakeholders
  • Initiate and participate in process improvement
  • Supports Technical Services team leaders as they assess and consult with clients in delivery of technical services, including Penetration Testing, Vulnerability Assessment and Incident Response
  • Contribute to project management, communications and other activities required for successful service delivery
  • Maintain proficiency in and awareness of security services, industry trends, tactics, techniques and procedures
  • Maintain proficiency with security tools, where applicable
  • Act as a cybersecurity resource for GreyCastle Security clients
  • Supports senior members in all aspects of security and risk management
  • Corporate Responsibility

    Information security is everyone’s responsibility. GreyCastle Security employees are responsible for:

  • Understanding and following GreyCastle Security’s information security policies and procedures
  • Remaining vigilant and reporting any suspicious activity or possible weaknesses in GreyCastle Security’s information security
  • Actively participating in GreyCastle Security’s efforts to maintain and improve information security
  • GreyCastle Security considers this position as High Risk with a likely potential to view, access, or download restricted information, private client information or internal data. This information must be treated with sensitivity and in the most secure manner.

Supervisory Responsibility

This position has no supervisory responsibilities.

Work Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms.

This position requires the ability to occasionally lift office products and supplies, up to 20 pounds.

Position Type/Expected Hours of Work

This is a full-time position, and hours of work and days are Monday through Friday, 8:00 a.m. to 5:00 p.m.

Required Skills and Qualifications

  • Proficiency of Web application, Mobile application and API technologies
  • Knowledge of emerging security technologies, software, and methodologies
  • Familiarity with a broad range of computing platforms and network protocols
  • Proficiency with Windows, Linux and other operating system
  • Proficiency with Microsoft Office, including PowerPoint
  • Social Engineering and Testing
  • Physical Security Testing

Required Education and Experience

  • 3+ years of experience in the cybersecurity industry working with business customers
  • Bachelor’s Degree or equivalent professional experience in cybersecurity industry
  • At least one (1) of the following Industry-recognized certifications, in good standing:

    o Offensive Security Certified Professional (OSCP) Certification

    o Offensive Security Certified Expert (OSCE) Certification

    o GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) Certification

    o GIAC Penetration Tester (GPEN) Certification

    o GIAC Web Application Penetration Tester (GWAPT) Certification

  • Demonstrated proficiency in leading and supporting cybersecurity services, with a primary focus on network penetration testing, web application penetration testing, social engineering, wireless penetration testing, physical security testing, and vulnerability management
  • Strong understanding of system architecture and design, operating systems, network infrastructure, device configuration hardening, and patch and configuration management
  • Experience with programming or scripting languages such as Python, PowerShell, Bash, Ruby, Java, XML, SOAP, JSON, AJAX, etc.
  • Experience with penetration testing frameworks and tools, such as Kali Linux, The Penetration Testers Framework, Metasploit, Canvas, Cobalt Strike, Burp Suite Pro, Nexpose, Nessus, Wireshark, Nmap, etc.
  • Familiarity with security testing standards such as OWASP, NIST SP 800-115, and PCI penetration testing requirements

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Equal Opportunity Employer

GreyCastle Security is an equal opportunity employer, and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status, or any other protected factors or classes.