Sr. Penetration Engineer-REMOTE
Détails de l’offre d’emploi
- Réf. de l’offre d’emploi:
- 161847
- Lieux:
- Providence, RI 02908
- Flexibilité géographique:
- À distance
- Catégorie:
- IT
- Type d’emploi:
- Temps plein
- Statut de l’emploi :
- Exempt
- Date de clôture prévue:
- 28 juin 2024
- Base de rémunération
- Yearly
- Pay Range
- $100200.00 - $193400.00 Annually ($48.17 - $92.98 Hourly)
PURPOSE:
UNFI is looking for an experienced technical Senior Penetration Tester/Engineer to help us create a resilient food supply chain. The Senior Penetration Tester/Engineer will focus on performing threat emulations and identifying cybersecurity issues within the UNFI environment against a wide range of technologies and systems, performing technical penetration testing of APIs, web applications, networks, cloud services, databases, directory services, and infrastructure. They will be part of the cybersecurity threat and emulation team and will collaborate with staff from other teams across UNFI. While management responsibilities are not part of the role, the expectation is that they can lead engagements, communicate technical details to senior leadership, mentor junior staff, provide technical direction to the program. Coding skills and a passion for cybersecurity is a must, with a preference for testers who view cybersecurity and penetration testing as more than just a job but also a hobby.
JOB RESPONSIBILITIES:
- Perform technical penetration testing of APIs, web applications, networks, cloud services, databases, directory services, and infrastructure.
- Strategic attack simulation by analyzing UNFI’s internal and external attack surface and crafting bespoke penetration strategies.
- Writing comprehensive reports outlining identified vulnerabilities, potential exploitation paths. Provide remediation guidance and recommendations from the assessments and support any security questions from network, system, and/or application owners.
- Assess UNFI’s software development and cloud infrastructure from a security perspective and help drive internal security standards.
JOB REQUIREMENTS:
Education/Certification:
- At least 1 industry leading or senior level cybersecurity penetration certification, for example: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester Certification (GPEN), GIAC Web Application Penetration Tester (GWATP), GIAC Cloud Penetration Tester (GCPN) or EC-Council Licensed Penetration Tester (LPT) Master.
- Active GitHub repository account with examples of security tools, scripts, exploits developed OR evidence of past and current artifacts.
Experience:
- 8+ years of hands-on cybersecurity experience within IT environments.
- 5+ years of experience performing penetration testing and vulnerability assessments.
Knowledge/ Skills/ Abilities:
- Advanced penetration testing skills across both tools and scripting abilities. Expertise with the following tools: various C2s, Burp Suite, Nmap, Wireshark, Bloudhound. Expertise with cybersecurity scripting in Python, PowerShell, or Go to manipulate vulnerabilities and demonstrate potential exploits.
- Ability to employ OSINT techniques to maximize attack vectors, simulating real-world cyber threats.
- Skills in developing implants and evading common security tools.
- Ability to critically examine an organization and system using knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime groups, and both state and non-state sponsored threat actors.
- Knowledge of web application and cloud infrastructure best practices and understanding of how to exploit misconfigurations and vulnerabilities.
- Knowledge of network access, identify and access management, including public key infrastructure and understanding of how to exploit misconfigurations and vulnerabilities.
- Experience creating rules of engagement, test plans, scripts to aid testing efforts, and technical assessment reports that detail findings and remediation efforts.
- Ability to translate technical findings into actionable insights.
- Ability to mentor junior staff and transfer technical knowledge as well as contribute to the team’s knowledge sharing.
All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all.
- M/F/Veteran/Disability. VEVRAA Federal Contractor.
Additional Information
- Schedule: Full-time
- Société:
- United Natural Foods Inc.
Rémunération:
UNFI prévoit de payer le taux de rémunération mentionné ci-dessus (ou dans la fourchette de rémunération mentionnée ci-dessus) pour ce poste. La rémunération réelle, le cas échéant, dépendra d’un certain nombre de facteurs, y compris, mais sans s’y limiter, l’éducation, l’expérience, la formation et toute exigence en vertu des conventions collectives applicables. UNFI s’engage à faire preuve de transparence en matière de paie, conformément aux lois nationales et locales en vigueur.
Avantages:
Pour les postes à Washington (ou les postes pouvant être exercés à distance depuis Washington), cliquez ICI pour connaître les détails concernant les congés payés de l’État de Washington.
Les candidats embauchés pour ce poste seront également admissibles aux programmes d’avantages suivants : congé payé ; congé de maladie ; vacances et congé parental ; programme 401K ; assurance médicale, soins dentaires, soins de la vue, assurance vie et assurance décès/démembrement accidentel ; programme d’assurance invalidité à court et à long terme, allocation de dépenses flexible et/ou compte d’épargne santé, sous réserve de satisfaire aux conditions d’admissibilité et aux modalités de ces programmes, et sous réserve de toute exigence en vertu des conventions collectives applicables.
Emplois dans le domaine de la vente uniquement : Pour les postes de vente rémunérés à la commission, la fourchette ci-dessus est une estimation de la rémunération totale potentielle à la commission au cours de la première année de l’employé, mais UNFI offre une période d’introduction d’un montant minimum de 680 $ par semaine. Après la période d’introduction, comme il s’agit d’un poste basé à 100 % sur les commissions, il n’y a pas de salaire fixe. Les plans de commission de UNFI ne sont pas plafonnés et les revenus moyens varient en fonction du territoire et des ventes réalisées, ainsi que d’autres facteurs.
Les politiques de UNFI en matière de rémunération, de prestations ou avantages sociaux et de congés payés sont susceptibles d’être modifiées à la seule discrétion de la société, dans le respect de la législation en vigueur. Cette offre d’emploi ne doit pas être interprétée comme une offre d’emploi comprenant certaines modalités ni comme une garantie de revenu minimum.
Featured Jobs
Warehouse Supervisor
Aurora, CODISCOVER WHAT’S NEXT FOR YOUR CAREER. Join our team and immediately become part of the largest distributor of conventional, natural, organic and specialty products in the United States and Canada. We serve over 43,000 customer locations with 200,000 different products. Our Warehouse associates supply thousands of consumers with better …
Reach Lift Operator - 9 PM Shift (4x10s)
Centralia, WATop of Form DISCOVER WHAT’S NEXT FOR YOUR CAREER. Join our team and immediately become part of the largest distributor of conventional, natural, organic and specialty products in the United States and Canada. We serve over 43,000 customer locations with 200,000 different products. Our Warehouse associates supply thousands of consumers …
Transportation Manager
Hopkins, MNOversees and manages all aspects of the Transportation department within the distribution center to include creating and managing the Annual Plan as well as managing all outbound shipments. Plans and supervises the Transportation department day-to-day operations to control costs and provide retail with efficient on time service. Accountable for Incident …