IBM Global Security - Penetration Testing Consultant - X-Force Red in Armonk, New York

Job Description

Are you passionate about breaking into applications, networks, systems, databases, devices and other technologies to uncover security vulnerabilities and help fix them? Are you interested in joining a team of like-minded passionate experts, many of whom have decades of experience breaking into anything and everything to help organizations strengthen their security? Are you looking to learn from the best and gain real word consulting experience? If so, X-Force Red, IBM Security’s team of veteran hackers, is looking for a Security Consultant, and you may be the perfect fit.

The Security Consultant will be part of the X-Force Red Offensive Security team. The consultant’s primary duty is to perform penetration tests against clients’ application and network assets. Engagements typically range from two to four weeks. As this is an entry-level consultant role, Security Consultants will be expected to support senior consultants on pentests, communicate effectively, and follow string penetration testing methodologies.

He/She should have in-depth of knowledge and experience understanding a client’s environment, running tests against these environments, and escalating or gaining access to system by leveraging weak controls. The consultant must be able to rapidly learn new technologies and processes, adhere to methodologies, and work with oversight from senior team members. There is a potential for 25% travel, including international travel. Travel depends on project requirements.

Core Consulting Qualifications:

  • Effective communication and presentation skills

  • Ability to follow guidance from senior consultants

  • Be open to feedback on both soft skills and technical learning objectives

  • The ability to contribute to large groups and be a key facilitator

  • Demonstrated written skills

  • Drive to do research, publications, blogs, presentations, etc.

  • Comfortable working in a project based / client serving model

  • Ability to understand and communicate client expectations

  • Help drive pursuits and engage in complex deals, matching outcomes to expectations

  • Ability to work easily with diverse and dynamic teams

  • Ability to work in a matrix management model

  • Ability to self-start, and work independently on projects

Required Technical and Professional Expertise

  • 2+ years of penetration testing experience

  • 1+ technical internships performing penetration testing

  • Experience in system administration, network administration, or programming

  • Desire to gain strong consulting skills and experience

  • Ability to perform penetration tests against web applications plus at least one of the following: internal networks, wireless networks, mobile applications, thick-client applications, embedded applications, hardware

  • Strong understanding of networks, firewalls, protocols, routing, and security technologies

  • Effective English writing skills

Preferred Tech and Prof Experience

  • Programming experience in one or more of the following: Java, .Net, Python, or Ruby

  • OSCP, OSCE, or other technical certifications

  • Top placement in college level and conference hacking CTFs

  • Experience in reverse engineering software or hardware

  • Experience editing documents for grammar, clarity, and technical accuracy

EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.