OSSEC-Security Engineer-Java, Penetration Testing/Strong Coder.

Join an Exciting and Rapidly Growing Enterprise Security Technology Company.  Our company started with a vision to revolutionize data processing. We formed a great team and built a great product.  We always strive to make it better and we are working across the industry to build our capacity to serve our customers and partners.

Candidates will work alongside experienced innovators who have run massive scale systems in highly critical production environments. The position includes conducting external & internal penetration testing, social engineering assessments, web application assessments, and other security assessments.

Job Responsibilities

  • Work directly with our personnel to perform penetration tests of their systems/applications to identify vulnerabilities and flaws and classify the risk of items found<span
  • Create and conduct social engineering assessments using various techniques and delivery methods
  • Produce thorough reports detailing the findings of the services-rendered and provide recommendations to meet information security and compliance standards

Desired Skills and Experience

  • Network penetration testing methodologies
  • Web application penetration testing methodologies
  • Penetration testing tools (NMAP, burp, Metasploit, Netcat, w3af, etc.)
  • Functional pen test coding/scripting skills
  • Social engineering techniques
  • Password cracking
  • Wireless security testing
  • Exploit payload creation/customization
  • Information security principles, procedures, and controls.
  • Information technology including OS (Linux), network technology, and network administration, Amazon Web Services (AWS)
  • Possesses excellent verbal and written communication skills
  • Is comfortable working autonomously as well as in a group environment
  • CISSP, GPEN, GWAPT, CEH, and/or other information security-/penetration testing-related certifications are a plus but not a requiremen
  • Work with internal software developers
  • Develop write and support testing and penetration code
  • Develop security blogs for internal and external communities
  • Speak at security conferences