Meditology Services logo

Senior Penetration Tester

Meditology Services
Full-time
Remote

About Us

Meditology Services is a top-ranked provider of information risk management, cybersecurity, privacy, and regulatory compliance consulting services exclusively for healthcare organizations. We service hundreds of healthcare clients coast-to-coast and maintain offices in Atlanta, Philadelphia, Nashville, Denver, and San Diego. Our core values are rooted in humility, compassion, personal accountability, strong work ethic, teamwork, and a thirst for learning.


Position Description:

Perform various penetration testing assessments to customers as an individual contributor or as part of a team delivering the assessment. The consultant should be comfortable identifying vulnerabilities, exploiting vulnerabilities, performing post-exploitation activities and explaining the path to compromise to external and internal stakeholders. The Senior Penetration Tester has deep technical skills and can work on variety of engagements including network penetration testing, social engineering, web application and mobile security testing, cloud penetration testing and technical security testing audits. This position will have a heavier emphasis on application penetration testing service delivery and serve as Meditology subject matter expert for application security testing.


Responsibilities include:

  • Assisting in the planning, scoping and management of cyber security and penetration testing engagements.
  • Ability to work effectively and utilize project management skills to manage tasks according to strict deadlines, understanding the importance of effective time management.
  • Ability to manage effectively multiple, concurrent projects and meet deadlines while working both independently and in a team environment.
  • Ability to work as an individual contributor with little oversight or in a team.
  • A strong focus and serve as Meditology subject matter expert for application penetration testing (web based, API, mobile and desktop).
  • Ability to work on network penetration including external, internal, and wireless assessments.
  • Ability to work on other projects as needed such as cloud penetration and security configuration assessments, social engineering, and technical testing security audits.
  • Ensure quality reports and services are delivered efficiently and on time.
  • Continue to develop professional skills with relevant industry specific certifications or training. Maintains strong depth of knowledge in the practice area.
  • Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Escalate client and project-related issues to management in a timely manner to inform and engage the necessary resources to address the issue.
  • Assist in working on internal initiatives to help develop the service line and contribute to thought leadership.

Requirements:

  • 4+ years of security industry experience (preferably in consulting).
  • 3+ years of application security testing experience including web application, API, mobile and desktop and running static code analysis tools.
  • 2+ years of network penetration testing experience including external, internal, and wireless testing.
  • Cloud penetration testing experience against Azure, AWS, and GCP a plus.
  • Social engineering testing experience a plus.
  • Ai penetration testing experience a plus.
  • iOT/medical device penetration testing a plus.
  • Background in application development/engineering a plus.
  • Understanding and prior experience working in healthcare environments a plus.
  • Experience testing against one or more IT security compliance frameworks, such as PCI, HIPAA, NIST, and HITRUST.
  • Familiarity with Open-Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Software Assurance Maturity Model (SAMM), National Institute of Standards and Technology (NIST) Special Publications, Mitre Att&ck framework and PTES (Penetration Testing Execution Standard).
  • Comes with a can-do attitude and ability to critically and creatively think and problem solve.
  • Excellent verbal and written communication skills, including technical writing of assessment reports, presentations, and operating procedures.
  • Experience juggling multi concurrent projects at once.
  • Experience mentoring and overseeing junior staff as needed.
  • Experience working across organizations, managing multiple, high-priority tasks.
  • Strong written & verbal communication skills.
  • The duties and responsibilities described are not a comprehensive list and additional tasks may be assigned to the employee from time to time; or
  • The scope of the job may change as necessitated by business demands.

Education/Experience:

  • BS degree in Computer Science, Information Systems, Business Administration or related field. Master Degree and/or an MBA degree would be a plus.

Physical Requirements:

  • Prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 15 pounds at times.



Meditology Services and CORL Technologies is an equal opportunity employer. The company does not discriminate in employment and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, ancestry, national origin, gender, pregnancy, sexual orientation, gender identity, marital status, religion, age, disability, results of genetic testing, service in the military or any other trait that is protected under local, state or federal law. Equal employment opportunity applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation, and training.


#LI-Remote