Senior Offensive Engineer - Web Application Penetration Testing

August 20

Apply Now
Logo of Trace3

Trace3

Data Intelligence • Enterprise Transformation Services • Virtualization & Networking • Storage • Backup

501 - 1000

💰 Private Equity Round on 2017-06

Description

• The Senior Offensive Security Engineer will lead offensive security campaigns for our clients to improve their ability to protect, detect and respond to known adversaries. • This position will reduce cyber risk by uncovering vulnerabilities and weaknesses in our client’s enterprise cyber environment through coordinated ethical hacking and penetration testing scenarios. • The Sr. Engineer will work closely with team members to plan, coordinate, execute and report on sophisticated ethical hacking exercises, to identify cyber vulnerabilities and reduce the risk posture of enterprise systems. • This role will be primarily responsible for performing application and OS security assessments and will make recommendations on effective countermeasures. • A key function of this role will be building deep relationships, gaining trust, and enabling client success.

Requirements

• Bachelor’s degree in Engineering in Computer Science or Information Technology or a related technical field; or equivalent related professional experience • OSCP, OSCE, GXPN, PTX, WPTX, or MASPT certification(s) is a huge plus • CISSP, CISM, CEH, or THP certification(s) preferred • Advanced understanding of one or more Unix/Linux/Mac/Windows operating systems • 6-8 years' experience in at least three of the following: • Red Team penetration test tools such as Kali, ParrotOS, Bloodhound, MetaSploit, BurpSuite, OWASP Zap, etc • Network penetration testing and manipulation of network infrastructure • Mobile and/or web application assessments • Shell scripting or automation of simple tasks using Perl, Python, Go, Powershell or Ruby • Developing, extending, or modifying exploits, shellcode or exploit tools • Developing applications or scripts in C#, ASP, .NET, ObjectiveC, Go, Java (J2EE), Python, or Ruby • Experience with at least one or more of the major cloud providers (AWS, Azure, and GCP) • Expert knowledge of tools used for wireless, web application, and network security testing • Expert knowledge of current web application structure and strong ability to test both modern and older web applications • Motivated self-starter who loves to solve challenging problems and feels comfortable working directly with customers • Excellent oral, written communication, and presentation skills with an ability to present client security sessions and security workshops to C-Level Executives and non-technical audience • Highly organized, detail-oriented, excellent time management skills, and able to effectively prioritize tasks in a fast-paced, high-volume, and evolving work environment • Ability to approach customer and sales requests with a proactive and consultative manner; listen and understand user requests and needs and effectively deliver • Comfortable managing multiple and changing priorities, and meeting deadlines in an entrepreneurial environment

Benefits

• Comprehensive medical, dental and vision plans for you and your dependents • 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability • Competitive Compensation • Training and development programs • Wellness Program • Stocked kitchen with snacks and beverages • Collaborative and cool office culture • Work-life balance and generous paid time off

Apply Now

Similar Jobs

August 16

Synack, Inc.

201 - 500

Help customers maximize value from Synack’s penetration testing and vulnerability management services.

August 16

Datavant

201 - 500

Represent customer security interests and build trust through technical assessments and compliance.

Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or lior@remoterocketship.com