Senior Security Engineer; Penetration Testing​/GRC Assessments

Position: Senior Security Engineer (Penetration Testing/GRC Assessments) Perform risk and security assessments, design secure infrastructure architectures, and enhance communication. Structured Communication Systems is a leading information technology consultancy and systems integrator. We are experts at architecting and implementing secure and reliable solutions for delivering business applications, ensuring business continuity, enhancing data center performance and efficiency, enabling mobile workers, securing information assets and providing information security and governance. Structured has an immediate remote opening for a Senior Security Engineer(Penetration Testing/GRC Assessments) (must be available to work Pacific Time Zone hours). As part of our team, you’ll be responsible for conducting comprehensive penetration testing and security assessments using a wide range of offensive security tools and methodologies. The primary focus is on identifying vulnerabilities through network and application layer testing, social engineering, and red team operations. This position will also support compliance assessment activities and be responsible for designing and implementing security-oriented solutions, assisting with troubleshooting and consultation of various security and networking projects. This position also provides pre-sales assistance to Account Executives, which may include the development of presentations and/or proposals. This role also directly interfaces with the end-user customer(s). Compensation: $ – $ annually Travel Requirements This position may require considerable travel for short- to medium-term projects based on customer location and project needs. Essential Duties and Responsibilities An individual must be able to perform each essential duty satisfactorily in order to meet the qualifications required to perform this job successfully. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. • Performs comprehensive penetration testing for internal and external environments, including network and application layer testing, web application assessments (OWASP Top 10, APIs, mobile apps), wireless security, and social engineering campaigns. • Conducts red team operations, adversary simulation exercises, and vulnerability assessments to identify and exploit security weaknesses in systems, applications, and infrastructure. • Develops custom exploits and tools to support penetration testing activities. • Performs security assessments from frameworks in the following compliance areas: PCI DSS, HIPAA, GLBA, SOX, GDPR, CIS Critical Security Controls, NERC CIP, and ISO 27000. • Performs risk assessments according to guidance, including NIST SP 800-30 or OCTAVE. • Creates incident response plans and conducts tabletop exercises. • Writes professional penetration testing and assessment reports that include detailed findings, risk ratings, and remediation recommendations as a deliverable. • Responsible for the implementation/configuration of the various systems and appliances for the manufacturers that Structured represents. • Responsible for creating alternative designs to satisfy performance and cost criteria based upon customer requirements. • Identifies and corrects faults and provides resolution of complex problems based upon tickets that are escalated from Structured’s help desk. • Effectively communicate Structured’s value proposition through presentations, proposals, and the development of collateral to drive sales and the branding of Structured • Supports sales opportunities with Account Executives. • Interfaces with end-users for the purpose of designing and implementing new solutions. • Ability to troubleshoot problems with existing systems/solutions. • Ability to translate highly technical material into common language for purposes of generating reports. • Supervises projects and work assignments in order to ensure effective and efficient delivery. • Prepares reports in order to update management regarding project status and/or manufacturer updates. • Provides input for professional service statements of work (“SOW”) and create SOWs as directed, as… Apply tot his job