Cybersecurity Assessor

Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team.

Job Title: Cybersecurity Assessor

Location(s): Washington, DC

Job Description:

• Plan and Execute Simulated Attacks: Design, plan, and conduct red team exercises, including but not limited to phishing, social engineering, network intrusion, and physical security tests.
• Adversary Emulation: Mimic advanced adversaries' tactics and behaviours to test the organization's security capabilities.
• Vulnerability Identification and Exploitation: Identify, exploit, and document security weaknesses in systems, networks, and applications.
• Reporting and Documentation: Document findings, prepare detailed reports, and present actionable recommendations to stakeholders, including risk assessments and suggested remediations.
• Tools and Frameworks: Use and maintain tools for penetration testing, vulnerability assessments, and social engineering (e.g., Metasploit, Cobalt Strike, Kali Linux, Burp Suite).
• Compliance: Ensure that all red team activities align with regulatory requirements, organizational policies, and ethical standards.

• Certifications: (Preferred): OSCP, CRTP, or other relevant cybersecurity certifications.
• Experience: 4+ years of experience in cybersecurity, with at least 1-2 years in penetration testing or red teaming.

• Proficient in offensive security tools (e.g., Metasploit, Nmap, Burp Suite, Cobalt Strike).
• Knowledge of various attack frameworks (e.g., MITRE Telecommunication&CK, Cyber Kill Chain).
• Familiarity with scripting languages such as Python, PowerShell, or Bash.
• Experience with social engineering, phishing, and physical security assessments.