Senior Engineer, Offensive Security

Senior Engineer Offensive Security: Become the Newest Member of the VF Family

As a member of the Global Cyber Security Assurance team you will play a critical role in identifying vulnerable systems and processes that could threaten VF its assets or personnel. You will recommend remediation steps to key stakeholders to improve VFs security posture while also overseeing offensive security engagements and exercises and maintaining collaboration with various teams across VF.

Key Responsibilities:

• Plan and conduct security exercises that emulate real-world threats to rigorously assess and improve VFs defenses.
• Collaborate with cross-functional teams including Blue Team infrastructure and application groups to validate detection response capabilities and drive security enhancements.
• Develop innovative solutions to complex security challenges anticipate future threats and designing processes to minimize organizational risk.
• Interpret and communicate technical findings to non-cybersecurity audiences ensuring recommendations are actionable and adopted.
• Stay informed of emerging threats and vulnerabilities continually refining penetration testing methodologies and promoting cybersecurity best practices.
• Identify and implement improvements in penetration testing and risk reduction processes creating efficient workflows and recommending remediation strategies.
• Advise on security best practices organization-wide including password management encryption software updates and other improvements.
• Provide consultations on information security designs for infrastructure and application projects.
• Build strong collaborative relationships with defensive and infrastructure teams.
• Prepare detailed reports on discovered vulnerabilities and recommend solutions to mitigate risks.
• Champion cybersecurity awareness across the organization educating and influencing stakeholders through internal channels.

Years of Related Professional Experience: Minimum of 5 years of related experience preferred

Position Requirements:

• Experience in penetration testing methodologies and technologies.
• Ability to identify and exploit identified vulnerabilities responsibly.
• Ability to articulate mitigation strategies for identified vulnerabilities.
• Knowledge of vulnerabilities as presented on the OWASP top 10 web and API vulnerabilities.
• Ability to apply security frameworks (NIST OWASP CISA etc.) to day-to-day operations.
• Understanding of networking protocols (IP DNS HTTP etc.)
• Familiarity with application testing tools such as Burp Suite Postman and ZAP.
• Familiarity with network penetration tools such as NMAP Metasploit Impacket Suite and Bloodhound
• Familiarity with API development and deployment best practices.
• Familiarity with common enterprise architectures.
• Basic hands-on experience with at least one of the major cloud providers (GCP AWS Azure)
• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
• Demonstrated ability to work independently and with others
• Maintains a proper balance between business and operational risk

Educational Preferences:

• A bachelors or masters degree in computer science information systems or other related field; or equivalent work experience
• Relevant certifications (OSCP OSWE eWPT GWEB etc.)

Special Physical and/or Mental Requirements:

• Travel by air and overnight as required 10% amount of time.

Hiring Range:

Incentive Potential: This position is eligible for additional compensation awards that may include an annual incentive plan sales incentive orcommissionpotential. Specific details of the additional compensation eligibility for this position will be provided during the recruiting and interview process.

Benefits at VF Corporation: You can review a general overview of each benefit program offered including this years medical plan rates on and by clicking Looking to Join VF Detailed information on your benefits will be provided during the hiring process.

Please note our hiring ranges are determined and built from market pay determining the specific compensation for this position we comply with all local state and federal laws.

At VF we value a diverse inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individuals race color sex gender identity gender expression religion age national origin or ancestry citizenship physical or mental disability medical condition family care status marital status domestic partner status sexual orientation genetic information military or veteran status or any other basis protected by federal state or local laws. If you require accommodations during the application process please contact us at . VF will provide reasonable accommodations for qualified individuals to the extent required by applicable law.

Pursuant to all applicable local Fair Chance Ordinance requirements including but not limited to the San Francisco Fair Chance Ordinance VF will consider for employment qualified applicants with arrest and conviction records.