Security Consultant (Bug Bounty Services)

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group. Take a look at our website here to learn more about why we're a leading cyber security and risk mitigation business... https://www.nccgroup.trust/us/our-services/cyber-security/

Your Impact -
• We need more people who enjoy puzzles, breaking things, fixing things, solving complex
challenges, and communicating with people.
• You will work on your own and within teams of experts to penetrate into computer networks,
applications or systems in order to figure out how a real criminal would do it.
• Apply state of the art methodologies, tooling and skills to demonstrate real vulnerabilities, and help clients improve their security posture and technical controls to mitigate the issues.
• As a Penetration Tester and Consultant, you'll conduct ongoing research into latest attack TTPs, collaborate with NCC's technical consultants and discover dangerous flaws and major security vulnerabilities for our Clients before they're found by hackers of more malicious intent

The Opportunity -
• Work with an amazing team and national leaders doing fun, challenging and rewarding work
• Make a difference in the security mindset of businesses and, ultimately, society.
• Excellent growth opportunities ranging from Intern, Associate, General, Senior, and Principal to becoming an Expert or going into Management
• Research: You will have the rare opportunity to do independent research during work hours with cash bonuses. NCC will provide you with the tools and resources to conduct successful research that will be integrated with client engagements
• Community: Join, present, host at local Cyber meetups, universities and organizations.
• Knowledge sharing both inside and outside of NCC Group is highly encouraged.
• Benefits: 401k match up to 5% of annual salary, PTO, Health insurance, Dental Insurance, Vision Insurance, Life Insurance, Commuter Benefits, Paid Holidays

The Challenge -
• You must be determined, passionate and thorough with a keen eye for detail
• We don't stop at the first vulnerability. We do a complete and thorough analysis until we've
found all possible vulnerabilities.

The Bare Necessities
• Proficient in at least 1 programming language:
• For example: PHP, Python, Ruby, Java, JS, C#
• Ability to review source code and identify common security vulnerabilities

Experience in 1 other area of Security, such as:
• Network penetration testing
• Mobile application penetration testing (Android or iOS)
• Cloud provider configuration reviews (AWS, GCP, Azure, etc)
• Reverse engineering
• Virtualization Digital Forensics and Incident Response (DFIR)
• Hardware security (IoT, embedded devices, etc.)
• Exploit development
• Operating system internals (Windows, Linux, OSX, *BSD, etc.)
• Source code reviews

• Ability to travel and visit Client sites - in future state
• Great communication skills
• Bachelor's degree or Equivalent years of experience

It Would Be Cool If You Knew This
• Experience using Burp Suite, Scout2 and other modern security tooling
• Hack on things in your spare time
• Published CVE's, papers or security research, spoken at cons or meetups
• Developed security relevant tools

Where in the world is NCC?
United States: New York, NY | Austin, TX | Boston, MA | Chicago, IL | Atlanta, GA | San Francisco, CA| Sunnyvale, CA | Seattle, WA, Canada, United Kingdom, Europe, Asia-Pacific and United Arab Emirates