Logo for Berkadia Services India Private Limited

Senior Red Team Engineer III

Roles & Responsibilities

  • Bachelor’s degree in Electronics Engineering, Computer Science, Information Technology, or closely related field
  • 4 years of experience conducting internal penetration tests from start to end
  • 2 years’ experience maintaining modern cloud infrastructures in AWS and Azure environments
  • 2 years experience in Agile development, including Python, and Bash

Requirements:

  • Manage and conduct internal penetration tests on mission-critical internal web applications
  • Document the results of all findings of internal penetration tests providing evidence/POC
  • Publish the results of internal penetration tests into Vulnerability Management platform
  • Lead efforts with development teams to ensure that Berkadia Web Applications are implementing all required HTTP security headers

Job description

Berkadia Commercial Mortgage, LLC seeks a Senior Red Team Engineer III (Ambler, PA) to manage and conduct internal penetration tests on mission-critical internal web applications including network  scanning, foot printing, fingerprinting, process enumeration, exploitation, escalation, and exfiltration. Document the results of all findings of internal penetration tests providing evidence/POC (Proof of Concepts) for each finding and how to replicate the results of each finding. Publish the results of internal penetration tests into our Vulnerability Management platform and track the progress of ongoing remediations and provide technical assistance where needed. Build and publish reports showing the following: quarterly, monthly,  and yearly internal penetration testing findings and remediation data MTTR (Mean Time to Remediation)  compliance metrics; applications to be tested and historical data going back 12 months; YoY trend data for  each application tested; maintain the penetration testing environment including deploying the Kali Linux (or  other penetration testing Operating System) to a secure jump-box location within the network and maintaining it. Maintain and update internal penetration testing documentation ensuring that it is up to date with best practices. Provide quarterly updates to our CRM (Cyber Risk  Management) team regarding our compliance with NIST (National Institute of Standards and Technology) pen testing frameworks. Lead efforts with development teams to ensure that Berkadia Web Applications are implementing all required HTTP security headers. Manage and maintain all WAF (Web Application Firewall) policies and updates. Be a technical subject matter expert to mentor more junior engineers working on vulnerability remediations.

REQUIREMENTS: Bachelor’s degree, or foreign equivalent, in Electronics Engineering, Computer Science, Information Technology, or closely related field. Must have (4) years of experience conducting internal penetration tests from start to end including documentation and remediations of all findings using Metasploit, BurpSuite, Kali Linux, and nmap.

Of the (4) years, must have the following: 

  • (2) years’ experience maintaining modern cloud infrastructures in AWS and Azure environments including experience with Terraform;
  • (2) years experience in Agile development, including Python, and Bash;
  • (2) years’ experience managing and deploying Docker container-based assets using Kubernetes;
  • (2) years’ experience utilizing TCP/IP networking both on-premises and in a cloud-based environment including network and web application firewall configuration.

Remote work available up to 3 days per week at employer discretion. Must live within commuting distance of Ambler, PA.

Be Part of Building the Next. Be Berkadia. 

#LI-DNI

Berkadia, as an equal opportunity employer, celebrates our employees’ unique differences, which we believe drives personal and company-wide innovation and creates a people-first culture where your career can take the long view. To achieve these goals, we are committed to the full inclusion of all qualified individuals, without regard to race, religion, age, color, national origin, gender, sexual orientation, gender identity or expression, marital status, domestic partner status, military and veteran status, disability, pregnancy, parental status, genetic information, political affiliation, or any other status protected by federal, state and local laws.   

In keeping with our commitment, Berkadia takes the necessary steps to provide a workplace free from harassment and discrimination, as well as access and reasonable accommodations for individuals with disabilities. If you require reasonable accommodation to take part in the interview process, please contact talentacquisition@berkadia.com.

You have rights under Federal and State employment laws. No question in this Application is intended to elicit information in violation of any such law, nor will any information obtained in response to any question be used in violation of any such law. If you apply for this role, you are acknowledging Berkadia's Application Policy and Berkadia's Privacy Policy. Please click the following links for more information about: EEOC, Employee Rights under the FMLA, EPPA.

Related jobs

Other jobs at Berkadia Services India Private Limited

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.