Penetration Testing Senior Advisor Consultant (Applications)
Security and Risk Consulting Group
Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
Role Responsibilities
The Application Penetration Testing Senior Advisor Consultant supports the Secureworks Adversary Group by applying information security threat intelligence to identify and exploit vulnerabilities within our client’s environments. The focus areas for this role are web and mobile application penetration testing, API testing, and code review.
Conduct application security assessments (web, mobile, API, etc.) using off-the-shelf or internally developed exploitation tools to execute manual testing for advanced attacks
Produce and deliver vulnerability and exploit information to clients in the form of a professional security assessment report
Conduct client conference calls to include, but not limited to project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations
Perform proactive research to identify and understand new threats, vulnerabilities, and exploits
Excel as both a self-directed individual contributor and as a member of a larger team
Perform other essential duties as assigned
Minimum Requirements
Minimum of 5 years of experience with penetration testing (including application testing)
Minimum of 3 years of experience with at least one of the following: Nmap, Metasploit, Kali Linux, Burp Suite
Preferred Skills
Mobile testing experience
Experience conducting code reviews with at least one of the following languages: Java, C#, ASP.NET, Objective C, Swift, Python
Knowledge of NetSparker and AppScan operating systems administration and internals (Microsoft Windows / Linux)
Understanding of TCP/IP networking at a technical level
Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field; or equivalent professional experience
Experience with various application attack vectors, security test processes and strong knowledge of common vulnerabilities (i.e. OWASP Top 10)
Working knowledge of SQL and high level languages
Good technical communication skills, both written and verbal; good analytical and problem solving skills
This is a remote position with potential travel up to 10%
Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.
Secureworks
Mous
Bishop Fox
ASRC Federal
Charles Schwab