Penetration Tester

Schellman is a leading provider of attestation and compliance services. Our professional services focus on security and privacy audits, assessments, and certifications.  Schellman has become one of the largest cybersecurity assessment firms in the United States without providing any traditional accounting services, such as financial statement audits or tax preparation services, as other CPA firms.  We are an accredited multi-framework ISO Certification Body for security, privacy, business continuity, and quality; a globally licensed PCI Qualified Security Assessor and a top provider to clients serving the federal DoD space as a leading FedRAMP 3PAO and the first assessment firm authorized as a CMMC C3PAO.

Job Description

Associates are primarily responsible for hands-on project execution.  Associates are not typically dedicated to a specific service line and may participate on a variety of project types, including SOC 1, SOC 2, PCI, ISO, and Cloud Security, among others.

Associates are assigned to a specific service delivery principal that is responsible for supervising the associate’s career development.  Additionally, associate’s daily activities are closely supervised by the management teams of their assigned projects.

Associates typically have no responsibility for supervising others.

Essential Functions

• Complying with Schellman’s code of ethics and professional conduct, methodologies, policies, and procedures

• Adhering to the professional and regulatory standards relevant to assigned service line specialization(s)

• Promoting Schellman’s company culture and exemplifying Schellman's values

• Establishing high quality relationships and rapport with client personnel

• Managing client expectations to ensure expectations are exceeded

• Completing assigned duties in a timely manner and with a high attention to detail

• Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project

• Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks

• Escalating issues internally in a proper and timely manner

• Using discretion and decorum in the timing, form, and content of all client communications

• Booking travel reservations in a timely manner and in accordance with Schellman's travel and expense policies and procedures

• Performing the essential functions of other service delivery positions when qualified and called upon to do so

• Attending project kick-off and closing meetings

• Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable

• Serving as a contact for clients' basic questions regarding an engagement

• Contributing to Schellman's practice development efforts

• Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s)

Knowledge, Skills and Abilities

• Familiarity with Schellman’s services, methodology, and relevant professional standards

• Requisite knowledge of applicable technology and security domains

• High level of attention to detail and quality of work product

• Client service oriented

• Excellent time management, organizational, and verbal and written communication skills

• Ability to work on-site or remotely as a valuable contributor to a collaborative team

• Capable of simultaneously managing assigned tasks for multiple projects

• Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman’s service delivery applications

• Full understanding and application of ethics, independence and Schellman’s values

Education, Work Experience and Certifications

• Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified

• Actively pursuing or maintains at least one certification relevant to the Schellman’s services (i.e., CPA, CISA, CISSP, AQSA, QSA, OSCP, etc.)

Factors for Promotion Consideration

• Respected by peers and superiors as evidenced by appraisals

• Has consistently gone above and beyond assigned position responsibilities for the betterment of Schellman

• Completed at least one year of service at Schellman or relevant professional services experience in financial auditing, operational auditing, information systems auditing, internal auditing, information security management or consulting and/or risk consulting, including years of service at Schellman

• Consistently exceeds expectations when performing the essential functions of the team member's current position

• Demonstrates a mastery of the knowledge, skills, and abilities required for the team member's current position

• Maintains at least one certification relevant to Schellman's services (i.e., CPA, CISA, CISSP, AQSA, QSA, OSCP, etc.)

Schellman’s Associate Penetration Tester Position: What to Expect 

Schellman is an equal opportunity employer (EOE) and strongly supports diversity in the workplace; therefore, providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. Schellman uses E-Verify in our hiring process.
 

At Schellman, we strive to provide a flexible and balanced environment and therefore offer the opportunity to work remotely, unless otherwise stated in the job requirements. Connecting, collaborating and continuous education are also highly valued and therefore we require approximately 20% travel annually for our Operations roles, which can include in-person training, team meet-ups, and strategy meetings. Service Delivery team members will also be required to travel based on business and client needs.

Click the video below to learn more about our Penetration Tester roles!