myGwork - LGBTQ+ Business Community · 2 days ago
Senior Lead Security/Penetration Test Engineer
Wonder how qualified you are to the job?
Maximize your interview chances
Internet
Insider Connection @myGwork - LGBTQ+ Business Community
Responsibilities
Security/penetration test web applications and underlying infrastructure for vulnerabilities using both manual and automated techniques
Build scripts, tools, or methodologies to enhance offensive security testing
Employ advanced techniques including reverse engineering, fuzzing, and conduct research to identify new and novel attack vectors
Possess sound knowledge of common infrastructure and web application vulnerability categorizations such as CVE, CVSS, CWE
Analyze findings from a variety of application security tools to secure web applications during development and production run-time
Effectively communicate findings, attack paths, and recommendations to technical and executive client stakeholders through written reports and verbal presentations
Automate security testing at various stages within the CI/CD pipeline
Develop secure coding standards and training across multiple application frameworks and technologies to address security-test findings
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Bachelor’s Degree in Computer Science, Information Systems, or equivalent work-related experience
Minimum 8 years total experience in a technical role such as security engineer with software development experience
Design, implementation, and operation of a secure software development lifecycle
Experience with web application security/penetration testing and common attack vectors
Experience with secure application development
Software development experience in a common programming language: Java, Python, C#
Scripting/programming skills - Python, PowerShell, GoLang, Perl, JavaScript, .NET, API Integration
Security tooling automation in CI/CD pipelines and IDE interfaces including Static Application Security Testing (SAST) and Static Application Analysis (SCA) solutions, Dynamic application security testing (DAST)
Preferred
Experience reproducing proof of concept exploitation steps
Deep application security knowledge, with the ability to map an application vulnerability to exploitation indications and relevant investigative techniques
Familiarity with standardized penetration testing and red teaming standards and procedures, such as NIST SP-800-115 and TIBER-EU
Benefits
Health care coverage
Generous time off
Access to continuous learning resources
Retirement planning
Financial wellness programs
Family-friendly perks
Retail discounts
Referral incentive awards
Company
myGwork - LGBTQ+ Business Community
myGwork is the largest global platform for the LGBTQ+ business community.
Funding
Current Stage
Early StageTotal Funding
$4.77MKey Investors
24 HaymarketInnovate UK
2023-08-17Series Unknown· $1.66M
2023-08-17Grant· Undisclosed
2021-12-07Series A· $2.12M
Recent News
2024-04-10
Company data provided by crunchbase