Bank Cybersecurity Pentesting Senior Consultant – Crowe – New York, NY
Note: We may earn a commission from products or services when you click on a link and make a purchase.
Your Journey At Crowe Starts Here
At Crowe, you have the opportunity to deliver innovative solutions to today’s complex business issues. Crowe’s accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a “Best Place to Work.” We are 75 years strong and still growing. Come grow with us!
Joining our Consulting Financial Services practice is an opportunity to join a dynamic and growing practice which has a passion for serving clients and our community. From day one of your career, you will assist our clients to transform their governance, embed risk in their decision-making, and arm them with insights that will make them stronger. We will enable an entrepreneurial and innovative environment for you to deliver transformative consulting services and to develop deeply specialized skill sets demanded in today’s market.
The Bank Cybersecurity Pentesting Senior Consultant will be responsible for providing their penetration testing experience to execute cybersecurity projects and deliver high quality work to our clients. This position will work directly with other project leads, managers, and/or executives to communicate business and technical aspects of the work being performed. The Penetration Testing Senior Consultant will lead and execute technical work in an individual and team settings. This will include oversight of some junior-level personnel, set performance expectations and provide constructive performance feedback on a regular basis. This person may also assist the engagement economics of the projects, including budget status tracking.
The Penetration Testing Senior Consultant will conduct Internal and External Penetration Assessment, as well as execute Cybersecurity Assessments, including but not limited to the following areas and responsibilities
- Perform Penetration Assessments against internal and external corporate networks
- Comprehension of potential performance impact vulnerability exploitation may have on a production environment
- Perform network reconnaissance activities and acquire OSINT to support engagements
- Identify vulnerabilities within Windows Active Directory and perform exploits to acquire related information or credentials
- Execute local system privilege escalation attacks on Windows Systems
- Perform network-based attacks
- Microsoft SQL database exploitation
- Evade malicious code detection solutions during advanced engagements
- Stay up to date with the latest vulnerabilities and exploits
- Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the Project.
- Submit recommendations to client for corrective action or to support a recommend approach to solving the client’s needs.
- Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively.
- Generate ideas for new cybersecurity solutions aligned with our clients evolving needs
- Bachelor’s degree required, candidates must possess significant analytical skills, which likely evolved from early academic training in Cybersecurity, Information Systems, Computer Science, or similar discipline
- Minimum 2-4 years of business experience in the areas of Information Security
- Financial Services experience strongly preferre
- CISSP, OSCP, CREST Penetration Testing, or equivalent certification preferred
- Experience performing Penetration Assessments against internal and external corporate networks
- Experience performing network reconnaissance activities and acquiring OSINT
- Familiar with various attack frameworks such as MITRE ATT&CK
- Experience with Windows Active Directory and related exploits/misconfigurations
- Familiarity with network and system pivoting techniques
- Experience performing local system privilege escalation on Windows Systems
- Experience performing network-based attacks such as protocol abuse and redirection attacks
- Familiarity with Microsoft SQL database functionality and exploitation
- Familiarity with evading malicious code detection solutions
- Experience within consulting or professional services, or at leading industry public companies is preferred
- Prior experience supervising junior level resources in the areas of Information Security
- Strong writing and interpersonal communication skills
- The ability to handle multiple projects concurrently
Technology Skills Preferred
- Network Security Practices: Auditing, planning, design, implementation, testing, and management
- Microsoft Windows and Kali Linux
- Microsoft Active Directory and Group Policy
- Network architecture and protocols: TCP, UPD, IP, HTTP(S), DNS, NetBIOS, LLMNR, SMB, SSH, IPSec, EIGRP, OSPF, BGP, TLS, and others
- Microsoft SQL Server, VMware, Azure, AWS
- Penetration Testing tools: Burp, Nmap, Metasploit, Empire, Cobalt Strike, and others
- Intrusion Detection, Intrusion Prevention, Security Information and Event Management solutions
- Cryptographic tools, suites, and algorithms
Get Cyber Security Training
- IBM Cybersecurity Analyst Professional CertificateIntroduction to Cybersecurity Tools & Cyber Attacks by IBM
- Generative Adversarial Networks (GANs) Specialization from DeepLearning.AI
- Agile Leadership Specialization from the University of Colorado
- International Cyber Conflicts from the State University of New York (SUNY)
- IT Fundamentals for Cybersecurity Specialization by IBM
- Google Cloud Security Professional Certificate from Google Cloud
- Google Cloud Networking Professional Certificate from Google Cloud
- Introduction to Blockchain Specialization from Association of International Certified Professional Accountants
At Crowe, we know that great people is what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Crowe can mean for you!
How You Can Grow
We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!
More About Crowe
Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country’s best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.
Crowe LLP provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.