This position can be remote in the US
What we’re looking for…
We are currently seeking a Penetration Tester to join our Security & Compliance team. The ideal candidate will possess a deep understanding of attack surfaces in modern compiled applications and operating systems. The position will manage all phases of vulnerability management including both internally identified issues as well as externally discovered ones. Candidates must demonstrate the ability to analyze closed source applications using several off-the-shelf or custom developed tools.
What you’ll be doing
Discovers and exploits vulnerabilities affecting corporate infrastructure
Develops and maintains tools to assist in vulnerability research and exploit development
Communicates information security vulnerabilities to the business
Interface and coordinate with engineering and support teams to analyze and review mitigation strategies; provide guidance and assist when strategies need to be enhanced
Analyze and prioritize scan results report, discovered vulnerabilities and assist with mitigation strategies for vulnerabilities that cannot be corrected
Perform Independent Verification and Validation activities
Create and maintain a strategic reporting mechanism to ensure stakeholders understand Key Risk Indicators
Escalates issues to IT, security team, and engineering through standard escalation processes
Provides technical expertise and advice on all areas of security technology, including: network security, platform security, authentication/authorization systems, application security, security architecture, policy enforcement, and security frameworks
Integrates information security controls into an environment to identify risks and reduce impact
Deliver high quality actionable advice.
Works with technology groups to evaluate, select, install, and configure hardware/software systems to comply with established enterprise security standards and policies
Qualities you possess
3+ years of Information Security experience
3+ years direct or equivalent experience in areas of penetration testing, exploit development, vulnerability research and management
In-depth knowledge and experience with Linux Operating Systems
Experience performing host, network, and web application penetration tests
Scripting experience with the ability to develop custom scripts, exploits, and tools
Experience with common penetration testing tools
Experience developing detailed penetration testing reports that can speak to multiple audience types
One or more of the following Security certifications: OSCP, PenTest+, CISSP, SSCP, CSSLP, Security+
Bonus points
Bachelor of Science in Computer Science, Computer Engineering, or Electrical Engineering or a related technical field or equivalent professional experience
Experienced programming using PHP, nodejs, and Python (or a comparable scripting language)
Experience with Tenable, Blackduck or other vulnerability detection tools
Experience with defining or managing a vulnerability management program
Experience with identifying and mitigating vulnerabilities in cloud environments (i.e. AWS)
Source code review for control flow and security flaws
Benefits & Perks
A remote-first culture – work from home or come into the office, it’s totally up to you.
Comprehensive medical, dental and vision plans.
401(k) plan with employer match.
Flexible Paid Time Off (FTO) so that you can take the time that you need to re-energise.
Volunteer Time Off (VTO) – take two days off per calendar year to volunteer with your preferred charitable organization.
5-year Service Milestone Sabbatical.
Paid parental leave.
Generous employee referral bonus program.
Pet insurance.
HQ Office centrally located in Reston Town Center featuring a well-stocked kitchen with rotating snacks and beverages, and catered lunch on Thursdays.
Regular virtual company-wide events, including cooking classes, yoga, meditation and more.
The opportunity to learn and develop from some of the best and brightest minds in the industry!
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic, we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which you are applying.
About ScienceLogic
ScienceLogic is a leader in IT Operations Management, providing modern IT operations with actionable insights to resolve and predict problems faster in a digital, ephemeral world. Its solution sees everything across cloud and distributed architectures, contextualizes data through relationship mapping, and acts on this insight through integration and automation.
$70,000 — $120,000/year
To apply for this job, please visit the application page
