Senior Penetration Testing Manager

Requirements:

  • Offensive Security Certified Professional (OSCP) certification
  • 3+ years of management experience and 10+ years of security assessment experience
  • Formal knowledge of attack vectors, exploits and mitigations, and ability to verbalize TTPs (Tactics, Techniques, and Procedures)
  • Experience scoping and performing pen-testing of applications and microservices-based environments across multiple API/UI stacks, public cloud and infrastructure

Roles & Responsibilities

  • Lead and develop Avalara's geographically distributed offensive security and pen-test team, mentoring junior pen-testers on TTPs
  • Organize pen-test preparation and scheduling activities for in-house and external white-box and grey-box assessments
  • Create written assessment reports for engineering and IT stakeholders
  • Oversee Avalara's responsible disclosure programs (RDP) and bug-bounty programs

Job description

What you'll do:

Avalara's Product Security organization is looking for a Penetration Testing Senior Manager to lead our Offensive Security team. You will lead a team of accomplished penetration testers whose mission will be to conduct offensive pen-testing activities against our microservices, applications, infrastructure, data-layer and AI-based services. You will work with our engineering groups to define pen-test scope, schedule, lead assessment engagements, and map assessment findings into engineering plans for remediation, guiding our product security uplift activities. This is a unique opportunity to make impacts on our overall security posture, define the strategic direction and evolution of our assessments team, and help Engineering improve our security designs for our next generation of systems and services. You will report to the VP of Product Security.

What your responsibilities will be:

In this role you will:

  • Lead and develop our geographically distributed offensive security and pen-test team. Mentor junior pen-testers on TTPs
  • Organize pen-test preparation and scheduling activities for in-house and out-of-house white-box and grey-box assessment activities.
  • Create written assessment reports for both engineering and IT consumers
  • Validate, refine, and defend the offensive security team's work product
  • Oversee Avalara's responsible disclosure programs (RDP) and bug-bounty programs
  • Be a subject matter expert and ambassador to Avalara Engineering in secure coding practices, penetration testing, and all other aspects of application, AI, and infrastructure security

What you'll need to be successful:

  • Hold an Offensive Security Certified Professional (OSCP) certification
  • 3 or more years of management experience, and 10+ years overall of security assessment experience
  • Have a formal knowledge of attack vectors, exploits and mitigations, and be able to verbalize Tactics, Techniques and Procedures (TTPs) related to carrying out security assessments
  • Prior experience scoping and performing pen-testing of applications, and microservices-based environments, from limited to full scope across multiple API & UI technology stacks, public cloud and infrastructure.
  • Problem-solve and make decisions with incomplete information using your judgment and experience.
  • Strong verbal and written English language skills

Avalara is an AI-first company:

AI is embedded in our workflows, decision-making, and products.  Success here requires embracing AI as an essential capability.

  • You’ll bring experience using AI and AI-related technologies, ready to thrive here.

  • You’ll apply AI every day to business challenges - improving efficiency, contributing solutions, and driving results for your team, our company, and our customers.

  • You’ll grow with AI by staying curious about new trends and best practices, and by sharing what you learn so others can benefit too.

How we'll take care of you:

Total Rewards 

In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses.

Health & Wellness 
Benefits vary by location but generally include private medical, life, and disability insurance.

Inclusive culture and diversity
Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship.

What you need to know about Avalara:

We’re defining the relationship between tax and tech.

We’ve already built an industry-leading cloud compliance platform, processing over 54 billion customer API calls and over 6.6 million tax returns a year. Our growth is real - we're a billion dollar business - and we’re not slowing down until we’ve achieved our mission - to be part of every transaction in the world.

We’re bright, innovative, and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. We’ve been different from day one. Join us, and your career will be too.

We’re An Equal Opportunity Employer

Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.
