Application and Product Security Senior Analyst Penetration Testing
Application and Product Security Senior Analyst Penetration Testing
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Summary
The Application and Product Security Senior Analyst (Penetration Testing) is responsible for conducting security pen testing monitoring and auditing within a dynamic global organization. The products under test will have a range of possibilities from embedded devices to cloud services. Some of the products will be white box tests while others will be total black box engagements. A successful senior analyst will be able to take the product and evaluate the weak points in the design and implementation and focus in on those weaknesses to find security gaps under the guidance of senior engineers and testing leads. Analyst should clearly document the findings analysis and prepare a detailed report.
This position will be based onsite at Vertivs Westerville OH HQ location.
Responsibilities:
In addition to performing internal application and product security assessments the Application and Product Security Senior Analyst will be expected to support on following major duties:
- Conduct security evaluation and threat assessments of embedded systems mobile applications web applications
- Conduct research for the purposes of finding new vulnerabilities and enhancing existing capabilities
- Circumventing security protection methods and techniques
- Performing data bus monitoring (snooping) and data injection
- Conduct communications protocol analysis in the embedded products and applications
- Create detailed technical reports and proof of concept code to document findings
- Perform System Breakdown of the project/product before testing identify and evaluate all the testing requirements and plan out the detailed testing activities resources etc. with the help of Senior/Lead test engineers
- Provide proactive detailed interaction with respective engineering group on the testing needs testing progress/status and provide detailed analysis report
Requirements:
- Bachelors Degree in Information Technology Computer Science or related field is highly desirable.
- Advanced security qualifications such as OSCP (Offensive Security Certified Professional) certification CEH (Certified Ethical Hacker) or equivalent.
- Four or more years of experience 4 years) in information technology.
- Two or more years 2 years) of pentesting experience with a strong interest / personal experience in pentesting (CTF HacktheBox etc.
- Solid understanding of security protocols cryptography authentication authorization and security
- Good working knowledge of current IT risks and experience implementing security solutions
- Ability to interact with a broad crosssection of personnel to articulate and enforce security measures
- Excellent written and verbal communication skills as well as business acumen
- Strong ability to establish partnerships and influence change and achieve results within dynamic environment
- Preferred:
- Understanding and development experience of embedded systems / software and webbased applications
- Working knowledge of hacking tools and techniques such as memory exploits rootkits protocol poisoning browserbased attacks DNS poisoning MetaSploit nmap Nessus etc.
- An understanding of common cryptographic algorithms and protocols including their weaknesses and attacks against them
- Understanding of network protocols and experience developing packetlevel programs
- Understanding of common microcontroller programming tools and debugging interfaces
- Exposure to Layer 2 Layer 3 networking QoS
- Knowledge of common malware/botnet exploits and how they are targeted to exploit embedded systems
- Operating system configuration of Windows Linux Android and iOS
- Computer boot process including boot loaders
- Preference given to other practical skills such as: functional analysis memory image capture static memory analysis and data element extraction etc.
- Use of Gitlab for issue management tool usage experience preferred
The successful candidate will embrace Vertivs Core Principals & Behaviors to help execute our Strategic Priorities.
OUR CORE PRINCIPALS: Safety. Integrity. Respect. Teamwork. Diversity & Inclusion.
OUR STRATEGIC PRIORITIES
Customer Focus
Operational Excellence
HighPerformance Culture
Innovation
Financial Strength
OUR BEHAVIORS
Own It
Act With Urgency
Foster a CustomerFirst Mindset
Think Big and Execute
Lead by Example
Drive Continuous Improvement
Learn and Seek Out Development
About Vertiv
Vertiv is a $6.9billion global critical infrastructure and data center technology company. We ensure customers vital applications run continuously by bringing together hardware software analytics and ongoing services. Our portfolio includes power cooling and IT infrastructure solutions and services that extends from the cloud to the edge of the network. Headquartered in Columbus Ohio USA Vertiv employs around 20000 people and does business in more than 130 countries. Visit Vertiv to learn more.
Work Authorization
No calls or agencies please. Vertiv will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E F1 H1 H2 L B J or TN or who need sponsorship for work authorization now or in the future are not eligible for hire.
Equal Opportunity Employer
Vertiv is an Equal Opportunity/Affirmative Action employer. We promote equal opportunities for all with respect to hiring terms of employment mobility training compensation and occupational health without discrimination as to age race color religion creed sex pregnancy status (including childbirth breastfeeding or related medical conditions) marital status sexual orientation gender identity / expression (including transgender status or sexual stereotypes) genetic information citizenship status national origin protected veteran status political affiliation or disability. If you have a disability and are having difficulty accessing or using this website to apply for a position you can request help by sending an email to
Required Experience:
Senior IC
Employment Type
Full Time
