Lead Penetration Tester @ Blue Yonder | Jobright.ai
Lead Penetration Tester jobs in Dallas, TX

Blue Yonder · 2 hours ago

Lead Penetration Tester

CRM, Data Management
Growth Opportunities
H1B Sponsor Likely


Responsibilities

Create and maintain a solid penetration testing program for the organization, a key role within the security organization
Conduct all the penetration activities for the Blue Yonder infrastructure
Coordinate customer requests for penetration testing
Focus on all the phases of penetration testing, including information gathering, scanning, execution, post-exploitation, custom/meaningful reporting, and remediation activities
Out of several thousand assets, identify the assets that need prioritization to be assessed
Potential to expand to a Red team with a focus on validating the security controls and security tools that are in place
This candidate would ultimately create awareness about the extent of compromise one could make with the current security posture – so that the asset owners can truly understand the security posture of their products and their network
Creates processes for the penetration testing program considering all the phases of the program
Leverage vulnerability scan results from all the scanners
Leverage threat intelligence information to raise the bar on Pen Testing program
Evaluate threats, vulnerabilities and risk in cloud platforms like Azure, AWS, etc.
Be responsible not only for identifying results but also for providing solid feedback to the stakeholders and reducing the risk exposure
Capable of validating security controls that are in place with the organization like intrusion prevention systems and intrusion detection systems, etc.
An expert in post-exploitation to truly determine the extent of compromise, upon identifying vulnerabilities
Describe the root cause and impacts to the asset owners
Demonstrate the risk through verbal and video demonstration in layman's terms as needed
Reduce the open vulnerabilities by providing remediation guidance and feedback as needed
Document and track all the hacking activities for Management and auditors
Represent the team for internal and external auditors as needed
Review reports for each assessment before it is sent to the asset owners or to the customers
Participate in and assist with incident response team, as appropriate.
Generate metrics for the Management as needed.
Prepare system security reports by collecting, analyzing, and summarizing data and trends
Any other security related duties assigned by the Management.

Qualification


Penetration Testing, Ethical Hacking, Red Teaming, Qualys, Tenable, Nexpose, Metasploit, Core Impact, Burp Suite, Cobalt Strike, OSCP, OSCE, CRTP, GPEN, Mitre Framework, Network Security, System Security, Endpoint Security, Cloud Infrastructure, Information Security Concepts, Firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, TCP/IP, Log Management, Event Monitoring

Required

10+ years of Penetration Testing, Ethical Hacking and/or Red Teaming experience.
Must have worked with products/tools such as Qualys, Tenable, Nexpose, Metasploit, Core Impact, Burp Suite, Cobalt Strike, etc.
Certifications such as OSCP, OSCE, CRTP and/or GPEN.
TTP (Tactics, Techniques and Procedures) such as Mitre Framework.

Preferred

Bachelor’s degree in information security, MIS, or Computer Science highly preferred.
Deep and diverse experience architecting and implementing network security designs.
Expertise in network security, system security and endpoint security.
Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.
Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
Ability to work in different shifts to partner with the global team.

Benefits

Comprehensive Medical, Dental and Vision
401K with Matching
Flexible Time Off
Corporate Fitness Program
A variety of voluntary benefits such as Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more

Company

Blue Yonder

Blue Yonder is a digital supply chain and omni-channel commerce fulfillment platform.

H1B Sponsorship

Blue Yonder has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2023 (53)
2022 (87)
2021 (112)
2020 (84)

Funding

Current Stage: Late Stage
Total Funding: $575M
Key Investors: Panasonic
2021-03-08: Acquired by Panasonic ($5.6B)
2020-05-20: Secondary Market, Undisclosed
2016-10-13: Private Equity, $575M

Leadership Team

Duncan Angove, Chief Executive Officer
Yannis Skoufalos, Senior Advisor to the CEO
Company data provided by crunchbase