Penetration Testing Lead at Robert Half
Location: San Ramon
Our client is seeking an experienced Penetration Testing Lead who is responsible for assisting with continuous development of day-to-day operations of the Enterprise Information Security (EIS) organization and to help introduce efficiencies that can streamline internal processes and procedures to drive automation & operational maturity. The candidate would have the ability to research, develop, and keep abreast of testing tools, techniques, and process improvements in support of vulnerabilities, Proofs-of-concept, in-the-wild exploits, security detection, analysis, and response.
Specific responsibilities include:
Perform penetration testing of company-owned systems
Perform penetration testing of company applications
Perform penetration testing of company networks
Utilize existing security tools and develop and/or deploy additional tools that enable increased visibility and awareness of known and potential threats.
Create testing methods to identify vulnerabilities
Identify methods and entry points of value to attackers
Ability to utilize proof-of-concept code to determine enterprise vulnerability/exploitation
Review and provide feedback on proposed configuration changes
Create repeatable processes to handle routine requests for compliance/governance
Utilize automation to support workload
Create scoped assessments based on business need
Participate in investigations of suspected information technology security misuse or in compliance reviews as requested by auditors.
Document security architecture, infrastructure components, and operating procedures to help maintain and manage a service catalog.
Be a thought leader and mentor to junior staff to help the team grow and enhance their skills.
Provide users and management with technical support on matters related to information security such as the criteria to use when selecting information security products from the service catalog.
Assist with the designing, engineering, and administering of a full range of information security systems, auditing information, and physical security (as it relates to information technology) solutions, and overall security environment including endpoint, network, server, application, and cloud security.
Ensure that secure practices, procedures, and policies are designed and implemented, provide input into future state decisions regarding information security technology design.
Be a critical contributor to the overall improvement of security operations effectiveness by working closely with internal and external teams to understand threats, security gaps, process needs, etc.
Develop and deploy automation for repetitive tasks, forensic data collection, and other useful methods as appropriate.
Develop and maintain metrics that clearly show material KPI’s for security controls and practices.
Master’s degree in Computer Science, Information Security or other related field preferred or 7+ years’ required experience in related field
OSCP, CEH, CPT, CEPT, GPEN or other experienced industry-standard penetration testing Certification(s) required
7+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design, networking, administration, identity, or other responsibilities preferred
5+ years’ experience in information security required
3+ years’ experience performing penetration testing required
Work independently and troubleshoot technical and business process-related issues
Develop subject matter expertise in the entire information security stack
Develop technical testing solutions for internal consumption
Ability to appropriately analyze and scope vulnerability disclosures, CVEs
Expertise in OWASP
Experience managing and working penetration tests for a large enterprise
Excellent understanding of threat vectors and containment methods
Experience with multiple and current Endpoint Detection and Response solutions
Experience with Vulnerability Management concepts and best practices
OS (Windows, Linux, and Mac OS, mobile OS’s)
Expertise of networking concepts protocols and encryption
Expertise of application security practices and tools
Excellent written and verbal skills. Ability to present topics to all varying levels of the organization
Expertise in programming/scripting languages strongly preferred: Python, PowerShell, Bash, C/C++/C# etc.
Expertise of Metasploit or similar tooling
Expertise of penetration testing security tooling, such as Kali Linux
Expertise of Burp suite or similar tooling
Senior P.NETration Testing Engineer at Lucid Motors
Leading the future in luxury electric and mobility
At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.
We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.
Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.
We are looking for an experienced hands-on Penetration Testing Engineer in Wireless Technologies, who has the ability to work with the team and help team identify the vulnerabilities in software.
In this role, you will have the opportunity to get involved several stages of product development. Ideal candidate would be with proficient knowledge in Embedded Security concepts. Working experience with Security Vulnerability Tools and PenTesting tools will be an added advantage.
Key Domain Areas of Work:
• Should be able to understand the Embedded Security concepts such as Secure Boot, Secure Storage, HW level Security
• Good understanding of Wireless Technologies such as WiFi, LTE, BLE, LF, NFC and UWB
• 5 years of experience in System Ethical Hacking
• Good programming/scripting knowledge for developing the exploits.
• Good at performing threat analysis and threat assessments
• BE or ME in Computer Science or equivalent.
• Passion towards Embedded Systems Security testing and Vulnerability testing.
• Good working experience in HW level Security testing, hacking the wireless communication.
• Experienced in Vulnerability scan and PenTesting tools
• Experienced in performing PenTesting in WiFi, LTE, BLE, NFC, LF and UWB.
• Thorough understanding of the above protocols and RF methodologies is preferred.
• 5+ years of developing the system level test cases
• Good understanding of FIPS standards, Security compliances such as PII, PCI and GDPR.
• Strong debugging and analytical skills.
• Should be a good team player
• Excellent interpersonal, verbal and written communication skills
For Remote Senior P.NETration Testing Engineer roles, visit Remote Senior P.NETration Testing Engineer Roles
Director of Strategy at Cobalt.io
Location: California City
Who We Are
Cobalt provides the worlds largest pentesting platform, delivering thousands of pentests per year. Cobalts Pentest as a Service (PtaaS) platform is modernizing traditional pentesting. By combining a SaaS platform with an exclusive community of testers, we deliver the real-time insights you need to remediate risk quickly and innovate securely. We see the Pentest as a Service model as a first step in our vision to create a new interface to the security workforce. We have seen tremendous traction over the years and today we have 1000+ customers on Cobalts platform, ranging in size from Fortune 50 companies to emerging tech start-ups.
We are remote-first with local hubs in Austin, Boston, Berlin, and San Francisco. We have Scandinavian roots, an American base and a global outlook. Our team is characterized by a fun, fast-paced and collaborative culture based on individual responsibility and ownership.
We have secured more than $50M in funding from a variety of top flight investors, led by Highland Europe. We are using our funding to expand global usage and continue development of the Cobalt platform, which pioneered the Penetration test as a Service (PtaaS) model.
What’s next? We’re seeking a Director of Strategy who will report to Caroline Wong, Chief Strategy Officer, and work closely with Cobalt’s Executive Team.
This role will be responsible for identifying strategic opportunities and growth vectors in the cybersecurity market. It requires a dynamic understanding of the fast-changing, high growth pentest market and adjacencies. The ideal candidate may have been in an M&A, Corp Dev, or management consulting role previously.
This is a think and do high impact role, responsible for conducting original research & analysis and building business cases & rationale. These deliverables will inform strategic direction and positioning for the company’s future investments in people, offerings, infrastructure and go-to-market.
What Youll Do
• Develop and maintain up-to-the-minute knowledge of the pentest market and the adjacent broader cybersecurity market landscape. Build a methodology, framework, and metrics for Cobalt to assess market position in a fast-changing, high growth market.
• Perform technical and business due diligence. Analyze fundamental sector, industry and company data including financial, business, and competitive factors for relevant market players.
• Develop original analysis, insights, and recommendations as to how to best capture new and adjacent markets (build, buy, or partner options). Provide thought leadership by preparing briefing documents and executive slides to support key strategy decisions and communications.
• Contribute positively to Cobalt culture and live our values.
• 5+ years of experience at a startup, investment bank, venture, or an MBA. M&A or Corp Dev background preferred.
• Exceptional decision making instincts, strong analytical skills, and highly self-motivated.
• Excellent written and verbal communication. Strong bottom-up fundamental approach to research; exhibit a high individual standard in work output.
• Strong interpersonal skills and experience in a collaborative, team-based, results-oriented environment.
• Experienced and credible in building valuable relationships with senior leaders & decision-makers.
Diversity at Cobalt
With over 45 nationalities already at Cobalt (and counting) we respect and celebrate diversity! We’re proudly committed to equal employment opportunities regardless of your gender, religion, age, sexual orientation, ethnicity, disability, or place of origin. We support each other and are grateful for each Cobalters contribution to our mission – lets make security dance!
Please apply even if you dont think you meet all of the criteria above but are still interested in the job. Nobody checks every box, and were looking for someone excited to join the team.
Why You Should Join Us
• Grow in a passionate, rapidly expanding industry operating at the forefront of the Pentesting industry
• Work directly with experienced senior leaders with ongoing mentorship opportunities
• Earn competitive compensation and an attractive equity plan
• Save for the future with a 401(k) program (US) or pension (EU)
• Benefit from medical, dental, vision and life insurance (US) or statutory healthcare (EU)
• Leverage stipends for:
• Work-from-home equipment & wifi
• Learning & development
• Unlimited books
• Treat yourself to paid remote lunches
• Make the most of our flexible, generous paid time off, and 16-weeks of paid parental leave
• Work remotely from anywhere in the US, the UK, or Germany
• Explore the world with our travel bonus payouts at your 2, 3, and 5 year anniversary
Web Reference : AJF/417755335-747
Posted Date : Sat, 03 Sep 2022
Please note, to apply for this position you will complete an application form on another website provided by or on behalf of Cobalt.io. Any external website and application process is not under the control or responsibility of Careerboard – California Jobs
For Remote Director of Strategy roles, visit Remote Director of Strategy Roles